urlscan.io logo urlscan.io
SecurityTrails logo

www.dailymail.co.uk Open in urlscan Pro
2a02:26f0:6c00:2a6::16c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW...
Effective URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&i...
Submission: On April 04 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 11 countries across 114 domains to perform 809 HTTP transactions. The main IP is 2a02:26f0:6c00:2a6::16c2, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.dailymail.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 16th 2021. Valid for: a year.
This is the only time www.dailymail.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.2 209242 (CLOUDFLAR...)
30 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
84 2a02:26f0:710... 20940 (AKAMAI-ASN1)
4 13.226.159.83 16509 (AMAZON-02)
2 2 35.181.18.61 16509 (AMAZON-02)
4 8 104.111.238.139 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 34.241.183.220 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
17 13.226.158.204 16509 (AMAZON-02)
69 151.101.13.44 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 185.94.180.128 35220 (SPOTX-AMS)
1 2.18.232.234 16625 (AKAMAI-AS)
1 2600:9000:218... 16509 (AMAZON-02)
2 2.16.107.83 20940 (AKAMAI-ASN1)
2 134.209.129.254 14061 (DIGITALOC...)
1 2a04:4e42:1b:... 54113 (FASTLY)
8 37.252.161.190 29990 (ASN-APPNEX)
4 178.250.2.131 44788 (ASN-CRITE...)
5 18.195.225.18 16509 (AMAZON-02)
5 213.19.162.51 26667 (RUBICONPR...)
4 54.225.88.36 14618 (AMAZON-AES)
9 18.185.167.149 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 24 35.244.159.8 15169 (GOOGLE)
7 184.31.84.150 20940 (AKAMAI-ASN1)
3 185.64.189.112 62713 (AS-PUBMATIC)
1 18.195.223.2 16509 (AMAZON-02)
4 22 37.252.172.38 29990 (ASN-APPNEX)
2 18.198.141.227 16509 (AMAZON-02)
9 35.157.246.167 16509 (AMAZON-02)
1 2.18.232.7 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 104.19.149.54 13335 (CLOUDFLAR...)
10 2.18.235.40 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
3 2.16.186.40 20940 (AKAMAI-ASN1)
10 16 3.124.46.162 16509 (AMAZON-02)
40 142.250.185.226 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 140.82.121.3 36459 (GITHUB)
1 185.199.111.154 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 2.16.186.25 20940 (AKAMAI-ASN1)
22 2.16.186.27 20940 (AKAMAI-ASN1)
3 7 2a00:1288:110... 34010 (YAHOO-IRD)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
35 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.34 16509 (AMAZON-02)
6 8 37.157.4.39 198622 (ADFORM)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a02:26f0:710... 20940 (AKAMAI-ASN1)
9 12 185.94.180.126 35220 (SPOTX-AMS)
4 35.158.19.244 16509 (AMAZON-02)
2 18.159.16.69 16509 (AMAZON-02)
5 28 2.18.234.21 16625 (AKAMAI-AS)
2 22 141.226.228.48 200478 (TABOOLA-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 185.94.180.123 35220 (SPOTX-AMS)
1 52.57.128.70 16509 (AMAZON-02)
5 18 18.202.255.125 16509 (AMAZON-02)
3 8 54.239.17.112 16509 (AMAZON-02)
14 21 172.217.18.98 15169 (GOOGLE)
1 1 54.82.47.56 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
5 5 185.29.133.208 30419 (MEDIAMATH...)
1 2 54.204.142.198 14618 (AMAZON-AES)
25 2a00:1450:400... 15169 (GOOGLE)
6 2600:1f18:612... 14618 (AMAZON-AES)
5 11 3.126.63.176 16509 (AMAZON-02)
5 7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638::3 44788 (ASN-CRITE...)
1 151.101.114.137 54113 (FASTLY)
5 34.234.142.36 14618 (AMAZON-AES)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 2.18.233.13 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
16 54.236.84.15 14618 (AMAZON-AES)
2 2 18.195.240.234 16509 (AMAZON-02)
3 69.173.144.165 26667 (RUBICONPR...)
1 2 198.148.27.140 19189 (PULSEPOINT)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 2 72.251.249.14 29791 (VOXEL-DOT...)
1 185.86.139.89 201081 (SMARTADSE...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 18.195.155.181 16509 (AMAZON-02)
1 2 178.250.0.163 44788 (ASN-CRITE...)
2 3 54.36.109.46 16276 (OVH)
2 2 3.123.96.39 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 1 172.105.199.172 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 141.226.224.32 200478 (TABOOLA-AS)
2 2 34.204.22.100 14618 (AMAZON-AES)
1 54.234.77.96 14618 (AMAZON-AES)
25 2.16.186.146 20940 (AKAMAI-ASN1)
2 2 184.30.212.16 20940 (AKAMAI-ASN1)
6 104.111.230.142 16625 (AKAMAI-AS)
6 213.19.147.210 3356 (LEVEL3)
4 14 18.158.85.202 16509 (AMAZON-02)
2 2.18.232.130 16625 (AKAMAI-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
3 6 3.126.56.137 16509 (AMAZON-02)
3 4 151.101.14.49 54113 (FASTLY)
1 18.158.206.137 16509 (AMAZON-02)
3 3 2620:116:800d... 16509 (AMAZON-02)
1 37.252.172.37 29990 (ASN-APPNEX)
2 2 2001:678:cb4:... 56396 (TURN)
1 52.45.11.130 14618 (AMAZON-AES)
1 1 3.91.110.183 14618 (AMAZON-AES)
2 3 104.111.242.53 16625 (AKAMAI-AS)
2 51.178.20.140 16276 (OVH)
2 5 52.51.154.44 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 185.183.112.148 60350 (VP)
1 2 52.49.59.93 16509 (AMAZON-02)
1 2 159.253.128.188 36351 (SOFTLAYER)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 35.186.253.211 15169 (GOOGLE)
2 2 18.157.138.23 16509 (AMAZON-02)
2 2 52.215.39.23 16509 (AMAZON-02)
1 54.194.226.253 16509 (AMAZON-02)
1 23.79.152.128 16625 (AKAMAI-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.98.67.61 15169 (GOOGLE)
1 1 18.133.35.94 16509 (AMAZON-02)
1 1 18.194.113.221 16509 (AMAZON-02)
3 4 54.83.155.67 14618 (AMAZON-AES)
1 2 52.211.195.119 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 70.42.32.95 22075 (AS-OUTBRAIN)
4 10 2.18.234.233 16625 (AKAMAI-AS)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2800:3f0:4004... 15169 (GOOGLE)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2 213.155.156.168 1299 (TELIANET ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 13.32.25.65 16509 (AMAZON-02)
1 2a02:2638::1c 44788 (ASN-CRITE...)
809 136
2    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
30    2a02:26f0:6c00:2a6::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.dailymail.co.uk
scripts.dailymail.co.uk
ted.dailymail.co.uk
t.dailymail.co.uk
video.dailymail.co.uk
5    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
84    2a02:26f0:7100:2ab::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
i.dailymail.co.uk
secured.dailymail.co.uk
creative.dailymail.co.uk
crta.dailymail.co.uk
4    13.226.159.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-83.dus51.r.cloudfront.net
uk-script.dotmetrics.net
2    35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
swa.and.co.uk
8    104.111.238.139 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2a02:26f0:6c00::210:bb72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
hulkprod.anm.co.uk
2    34.241.183.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-183-220.eu-west-1.compute.amazonaws.com
sync.sxp.smartclip.net
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:206f:8c00:8:5c85:cdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sak.userreport.com
17    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
69    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
match.taboola.com
2    2606:4700::6812:4ba (United States)

ASN13335 (CLOUDFLARENET, US)
macro.adnami.io
1    185.94.180.128 (United States)

ASN35220 (SPOTX-AMS, US)
js.spotx.tv
1    2.18.232.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-234.deploy.static.akamaitechnologies.com
aka.spotxcdn.com
1    2600:9000:2182:9600:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
ovp.iris.tv
2    2.16.107.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-83.deploy.static.akamaitechnologies.com
storage.cloud.kargo.com
2    134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
8    37.252.161.190 (Shepherds Bush, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
5    18.195.225.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-225-18.eu-central-1.compute.amazonaws.com
tlx.3lift.com
5    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    54.225.88.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-88-36.compute-1.amazonaws.com
mfad.inskinad.com
9    18.185.167.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
24    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
mailonline-uk-d.openx.net
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
7    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.195.223.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-223-2.eu-central-1.compute.amazonaws.com
krk.kargo.com
22    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
2    18.198.141.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-141-227.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
9    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
2    2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
685b3918.akstat.io
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.19.149.54 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
10    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
4    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com
bucket1.mm-syringe.com
16    3.124.46.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
x.bidswitch.net
40    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    140.82.121.3 (United States)

ASN36459 (GITHUB, US)
github.com
1    185.199.111.154 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-154.github.com
github-releases.githubusercontent.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com
www.oo-syringe.com
22    2.16.186.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-27.deploy.static.akamaitechnologies.com
vms-videos.minutemediaservices.com
7    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
9    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cd32f34bb612852e9ea5161e8650c4b1.safeframe.googlesyndication.com
35    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.226.159.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-34.dus51.r.cloudfront.net
assets.mm-syringe.com
8    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
c1.adform.net
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a02:26f0:6c00::210:bab8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.newzit.com
3    2a02:26f0:7100:2b0::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
fff.dailymail.co.uk
12    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    35.158.19.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-19-244.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    18.159.16.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
28    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum.casalemedia.com
dsum.casalemedia.com
22    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
am-wf.taboola.com
1    2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
6    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    52.57.128.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
crb.kargo.com
18    18.202.255.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
match.adsrvr.org
8    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
21    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    54.82.47.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
5    185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    54.204.142.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
25    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2600:1f18:612b:4200:ae67:61d5:5bef:8e79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
11    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.ex.co
5    34.234.142.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
prd-collector-anon.ex.co
1    2a02:26f0:64::214:846e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
1    2.18.233.13 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
cdn.playbuzz.com
2    2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
16    54.236.84.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
atrack.avplayer.com
track1.aniview.com
2    18.195.240.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    54.36.109.46 (France)

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com
id5-sync.com
2    3.123.96.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1853-172.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    54.234.77.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
premiumsrv.aniview.com
25    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
2    184.30.212.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
14    18.158.85.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.158.206.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
grid.bidswitch.net
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    52.45.11.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    3.91.110.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    51.178.20.140 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
5    52.51.154.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    52.49.59.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    18.157.138.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    52.215.39.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
1    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
1    23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    18.133.35.94 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    18.194.113.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
4    54.83.155.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
2    52.211.195.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ml314.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
10    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2800:3f0:4004:806::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
2    213.155.156.168 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    13.32.25.65 (United States)

ASN16509 (AMAZON-02, US)
context.iris.tv
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
Apex Domain
Subdomains		 Transfer
117 dailymail.co.uk
www.dailymail.co.uk
i.dailymail.co.uk
scripts.dailymail.co.uk
ted.dailymail.co.uk
t.dailymail.co.uk
secured.dailymail.co.uk
fff.dailymail.co.uk
creative.dailymail.co.uk
crta.dailymail.co.uk
video.dailymail.co.uk
3 MB
92 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
match.taboola.com
cds.taboola.com
am-wf.taboola.com
1 MB
68 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
203 KB
45 googlesyndication.com
pagead2.googlesyndication.com
cd32f34bb612852e9ea5161e8650c4b1.safeframe.googlesyndication.com
tpc.googlesyndication.com
772 KB
33 adnxs.com
prebid.adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
53 KB
31 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
1 MB
31 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
36 KB
26 openx.net
mailonline-uk-d.openx.net
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
7 KB
25 ampproject.org
cdn.ampproject.org
534 KB
25 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
43 KB
22 minutemediaservices.com
vms-videos.minutemediaservices.com
2 MB
22 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
12 KB
20 rubiconproject.com
fastlane.rubiconproject.com
prebid-server.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
58 KB
19 3lift.com
tlx.3lift.com
eb2.3lift.com
8 KB
18 adsrvr.org
match.adsrvr.org
6 KB
18 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
11 KB
17 bidswitch.net
x.bidswitch.net
grid.bidswitch.net
5 KB
16 pubmatic.com
hbopenbid.pubmatic.com
simage2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage4.pubmatic.com
33 KB
15 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
181 KB
14 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
282 KB
13 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
3 KB
13 google.com
adservice.google.com
www.google.com
2 KB
10 moatads.com
z.moatads.com
px.moatads.com
336 KB
10 googleapis.com
imasdk.googleapis.com
ajax.googleapis.com
fonts.googleapis.com
634 KB
9 google-analytics.com
google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
37 KB
9 sharethrough.com
btlr.sharethrough.com
1 KB
8 adform.net
cm.adform.net
c1.adform.net
3 KB
8 scorecardresearch.com
sb.scorecardresearch.com
9 KB
7 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
2 KB
6 1rx.io
tag.1rx.io
2 KB
6 tremorhub.com
taboola-supply-partners.tremorhub.com
1 KB
6 google.de
adservice.google.de
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com
54 KB
5 oo-syringe.com
www.oo-syringe.com
82 KB
5 googletagservices.com
www.googletagservices.com
155 KB
4 liadm.com
i.liadm.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 indexww.com
js-sec.indexww.com
4 KB
4 criteo.net
static.criteo.net
52 KB
4 mm-syringe.com
bucket1.mm-syringe.com
assets.mm-syringe.com
181 KB
4 googletagmanager.com
www.googletagmanager.com
90 KB
4 inskinad.com
mfad.inskinad.com
3 KB
4 kargo.com
storage.cloud.kargo.com
krk.kargo.com
klkstrm.kargo.com Failed
crb.kargo.com
5 KB
4 dotmetrics.net
uk-script.dotmetrics.net
39 KB
3 zeotap.com
mwzeom.zeotap.com
1 KB
3 owneriq.net
px.owneriq.net
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 id5-sync.com
id5-sync.com
4 KB
3 newzit.com
www.newzit.com
4 KB
3 iris.tv
ovp.iris.tv
context.iris.tv
6 KB
2 fiftyt.com
visitor.fiftyt.com
994 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 zemanta.com
b1sync.zemanta.com
602 B
2 bing.com
c.bing.com
690 B
2 rlcdn.com
idsync.rlcdn.com
799 B
2 ml314.com
ml314.com
789 B
2 agkn.com
aa.agkn.com
d.agkn.com
1002 B
2 scoota.co
r.scoota.co
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 dyntrk.com
gu.dyntrk.com
430 B
2 turn.com
ad.turn.com
866 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
828 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 eqads.com
um2.eqads.com
563 B
2 tapad.com
pixel.tapad.com Failed
760 B
2 facebook.com
www.facebook.com
519 B
2 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net
51 KB
2 justpremium.com
pre.ads.justpremium.com
5 KB
2 serverbid.com
e.serverbid.com
88 B
2 adnami.io
macro.adnami.io
18 KB
2 smartclip.net
sync.sxp.smartclip.net
931 B
2 and.co.uk
swa.and.co.uk
2 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 akstat.io
685b3918.akstat.io
205 B
1 mookie1.com
odr.mookie1.com
324 B
1 bluekai.com
tags.bluekai.com
757 B
1 crwdcntrl.net
sync.crwdcntrl.net
237 B
1 ad4m.at
ad4m.at
1 rfihub.com
p.rfihub.com
775 B
1 adgrx.com
cm.adgrx.com
408 B
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 adotmob.com
sync.adotmob.com
689 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
378 B
1 adentifi.com
rtb.adentifi.com
88 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
360 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 adkernel.com
dsp.adkernel.com
233 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 playbuzz.com
cdn.playbuzz.com
27 KB
1 deepintent.com
match.deepintent.com
44 B
1 extend.tv
sync.extend.tv
546 B
1 2mdn.net
s0.2mdn.net
16 KB
1 githubusercontent.com
github-releases.githubusercontent.com
337 KB
1 github.com
github.com
2 KB
1 permutive.com
cdn.permutive.com
154 KB
1 facebook.net
connect.facebook.net
2 KB
1 teads.tv
a.teads.tv
251 B
1 omnitagjs.com
hb-api.omnitagjs.com
727 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 spotxcdn.com
aka.spotxcdn.com
155 KB
1 spotx.tv
js.spotx.tv
589 B
1 userreport.com
sak.userreport.com
47 KB
1 anm.co.uk
hulkprod.anm.co.uk
12 KB
809 114
Domain Requested by
77 i.dailymail.co.uk www.dailymail.co.uk
35 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.dailymail.co.uk
cdn.ampproject.org
info.silobreaker.com
tpc.googlesyndication.com
26 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
info.silobreaker.com
www.dailymail.co.uk
25 mcd.ex.co player.avplayer.com
25 cdn.ampproject.org securepubads.g.doubleclick.net
22 images.taboola.com www.dailymail.co.uk
22 vms-videos.minutemediaservices.com info.silobreaker.com
ajax.googleapis.com
22 ib.adnxs.com 4 redirects www.dailymail.co.uk
eb2.3lift.com
acdn.adnxs.com
22 cdn.taboola.com www.dailymail.co.uk
cdn.taboola.com
info.silobreaker.com
21 cm.g.doubleclick.net 14 redirects www.dailymail.co.uk
u.openx.net
eu-u.openx.net
eb2.3lift.com
21 www.dailymail.co.uk info.silobreaker.com
www.dailymail.co.uk
18 match.adsrvr.org 5 redirects ssum-sec.casalemedia.com
am-match.taboola.com
imprammp.taboola.com
www.dailymail.co.uk
u.openx.net
eu-u.openx.net
eb2.3lift.com
17 c.amazon-adsystem.com www.dailymail.co.uk
c.amazon-adsystem.com
16 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
um2.eqads.com
16 x.bidswitch.net 10 redirects am-match.taboola.com
imprammp.taboola.com
14 eb2.3lift.com 4 redirects www.dailymail.co.uk
eb2.3lift.com
14 pubads.g.doubleclick.net imasdk.googleapis.com
www.dailymail.co.uk
12 track1.aniview.com www.dailymail.co.uk
player.aniview.com
12 sync.search.spotxchange.com 9 redirects www.dailymail.co.uk
11 pixel.advertising.com 5 redirects am-match.taboola.com
imprammp.taboola.com
10 ads.stickyadstv.com 4 redirects imasdk.googleapis.com
www.dailymail.co.uk
cdn.stickyadstv.com
9 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
9 trc.taboola.com cdn.taboola.com
www.dailymail.co.uk
9 pagead2.googlesyndication.com imasdk.googleapis.com
www.dailymail.co.uk
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 c2shb.ssp.yahoo.com www.dailymail.co.uk
9 btlr.sharethrough.com www.dailymail.co.uk
8 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eb2.3lift.com
www.dailymail.co.uk
8 prebid.adnxs.com www.dailymail.co.uk
8 sb.scorecardresearch.com 4 redirects www.dailymail.co.uk
7 c1.adform.net 6 redirects ssum-sec.casalemedia.com
7 eu-u.openx.net 1 redirects www.dailymail.co.uk
u.openx.net
eu-u.openx.net
7 www.google.com 5 redirects www.dailymail.co.uk
7 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
www.dailymail.co.uk
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.dailymail.co.uk
7 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
u.openx.net
ads.pubmatic.com
7 htlb.casalemedia.com www.dailymail.co.uk
7 mailonline-uk-d.openx.net www.dailymail.co.uk
6 us-u.openx.net u.openx.net
eu-u.openx.net
6 ups.analytics.yahoo.com 3 redirects www.dailymail.co.uk
6 tag.1rx.io player.aniview.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
www.dailymail.co.uk
am-match.taboola.com
6 taboola-supply-partners.tremorhub.com am-match.taboola.com
imprammp.taboola.com
6 search.spotxchange.com js.spotx.tv
6 px.moatads.com www.dailymail.co.uk
6 ssum-sec.casalemedia.com 1 redirects www.dailymail.co.uk
ssum-sec.casalemedia.com
js-sec.indexww.com
6 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
6 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
5 match.prod.bidr.io 2 redirects ssum-sec.casalemedia.com
u.openx.net
5 crta.dailymail.co.uk www.dailymail.co.uk
5 sync.taboola.com 2 redirects www.dailymail.co.uk
5 prd-collector-anon.ex.co player.ex.co
5 googleads.g.doubleclick.net www.dailymail.co.uk
5 sync.mathtag.com 5 redirects
5 www.oo-syringe.com info.silobreaker.com
5 fastlane.rubiconproject.com www.dailymail.co.uk
5 tlx.3lift.com www.dailymail.co.uk
5 www.googletagservices.com www.dailymail.co.uk
info.silobreaker.com
securepubads.g.doubleclick.net
5 imasdk.googleapis.com www.dailymail.co.uk
imasdk.googleapis.com
4 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
4 cdn.stickyadstv.com imasdk.googleapis.com
cdn.stickyadstv.com
4 i.liadm.com 3 redirects www.dailymail.co.uk
4 sync-tm.everesttech.net 3 redirects www.dailymail.co.uk
4 js-sec.indexww.com www.dailymail.co.uk
ssum-sec.casalemedia.com
4 simage2.pubmatic.com www.dailymail.co.uk
ads.pubmatic.com
4 atrack.avplayer.com www.dailymail.co.uk
4 static.criteo.net www.dailymail.co.uk
static.criteo.net
4 am-match.taboola.com vidstat.taboola.com
4 prebid-server.rubiconproject.com www.dailymail.co.uk
4 fonts.googleapis.com info.silobreaker.com
securepubads.g.doubleclick.net
www.dailymail.co.uk
4 www.googletagmanager.com www.dailymail.co.uk
info.silobreaker.com
4 z.moatads.com www.dailymail.co.uk
z.moatads.com
4 mfad.inskinad.com www.dailymail.co.uk
ssum-sec.casalemedia.com
4 bidder.criteo.com www.dailymail.co.uk
static.criteo.net
4 uk-script.dotmetrics.net www.dailymail.co.uk
uk-script.dotmetrics.net
3 video.dailymail.co.uk www.dailymail.co.uk
3 mwzeom.zeotap.com www.dailymail.co.uk
ads.pubmatic.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 pixel.quantserve.com 3 redirects
3 id5-sync.com 2 redirects www.dailymail.co.uk
3 fff.dailymail.co.uk www.dailymail.co.uk
3 www.newzit.com scripts.dailymail.co.uk
www.newzit.com
3 fonts.gstatic.com fonts.googleapis.com
3 bucket1.mm-syringe.com www.dailymail.co.uk
bucket1.mm-syringe.com
3 hbopenbid.pubmatic.com www.dailymail.co.uk
2 am-wf.taboola.com vidstat.taboola.com
2 context.iris.tv ovp.iris.tv
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 idsync.rlcdn.com 2 redirects
2 ml314.com 1 redirects www.dailymail.co.uk
2 r.scoota.co 2 redirects
2 pm.w55c.net 2 redirects
2 rtb.openx.net 1 redirects u.openx.net
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com ssum-sec.casalemedia.com
2 ad.turn.com 2 redirects
2 ads.pubmatic.com www.dailymail.co.uk
ads.pubmatic.com
2 u.openx.net www.dailymail.co.uk
player.aniview.com
2 acdn.adnxs.com www.dailymail.co.uk
2 token.rubiconproject.com eus.rubiconproject.com
2 playbuzzltd-d.openx.net player.aniview.com
2 secure-assets.rubiconproject.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 dis.criteo.com 1 redirects image6.pubmatic.com
2 ce.lijit.com 1 redirects www.dailymail.co.uk
2 bh.contextweb.com 1 redirects www.dailymail.co.uk
2 rtb.mfadsrvr.com 2 redirects
2 player.aniview.com player.ex.co
player.aniview.com
2 am-vid-events.taboola.com www.dailymail.co.uk
2 wf.taboola.com vidstat.taboola.com
2 imprammp.taboola.com vidstat.taboola.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 trc-events.taboola.com www.dailymail.co.uk
2 15.taboola.com cdn.taboola.com
2 pixel.tapad.com www.dailymail.co.uk
2 ads.adaptv.advertising.com www.dailymail.co.uk
2 stats.g.doubleclick.net www.dailymail.co.uk
www.google-analytics.com
2 www.facebook.com www.dailymail.co.uk
2 pre.ads.justpremium.com www.dailymail.co.uk
2 e.serverbid.com www.dailymail.co.uk
2 storage.cloud.kargo.com www.dailymail.co.uk
storage.cloud.kargo.com
2 macro.adnami.io www.dailymail.co.uk
macro.adnami.io
2 sync.sxp.smartclip.net 1 redirects www.dailymail.co.uk
2 swa.and.co.uk 2 redirects
2 t.dailymail.co.uk www.dailymail.co.uk
2 ted.dailymail.co.uk www.dailymail.co.uk
2 scripts.dailymail.co.uk www.dailymail.co.uk
2 info.silobreaker.com 1 redirects
1 685b3918.akstat.io s.go-mpulse.net
1 gum.criteo.com static.criteo.net
1 simage4.pubmatic.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 odr.mookie1.com www.dailymail.co.uk
1 tags.bluekai.com www.dailymail.co.uk
1 sync.crwdcntrl.net www.dailymail.co.uk
1 ad4m.at ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 grid.bidswitch.net www.dailymail.co.uk
1 ssum.casalemedia.com 1 redirects
1 premiumsrv.aniview.com player.aniview.com
1 cds.taboola.com www.dailymail.co.uk
1 bttrack.com www.dailymail.co.uk
1 s.c.appier.net 1 redirects
1 e1.emxdgt.com www.dailymail.co.uk
1 dsp.adkernel.com www.dailymail.co.uk
1 rtb-csync.smartadserver.com www.dailymail.co.uk
1 pixel.rubiconproject.com www.dailymail.co.uk
1 match.taboola.com www.dailymail.co.uk
1 cdn.playbuzz.com www.dailymail.co.uk
1 player.avplayer.com player.ex.co
1 player.ex.co info.silobreaker.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 crb.kargo.com storage.cloud.kargo.com
1 c.go-mpulse.net s.go-mpulse.net
1 creative.dailymail.co.uk www.dailymail.co.uk
1 cm.adform.net www.dailymail.co.uk
1 assets.mm-syringe.com www.dailymail.co.uk
1 cd32f34bb612852e9ea5161e8650c4b1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s0.2mdn.net imasdk.googleapis.com
1 ajax.googleapis.com info.silobreaker.com
1 github-releases.githubusercontent.com www.dailymail.co.uk
1 github.com 1 redirects
1 ssl.google-analytics.com 1 redirects
1 cdn.permutive.com www.dailymail.co.uk
1 connect.facebook.net www.dailymail.co.uk
1 google-analytics.com www.dailymail.co.uk
1 s.go-mpulse.net www.dailymail.co.uk
1 a.teads.tv www.dailymail.co.uk
1 krk.kargo.com www.dailymail.co.uk
1 hb-api.omnitagjs.com www.dailymail.co.uk
1 cdn.jsdelivr.net www.dailymail.co.uk
1 secured.dailymail.co.uk www.dailymail.co.uk
1 ovp.iris.tv www.dailymail.co.uk
1 aka.spotxcdn.com www.dailymail.co.uk
1 js.spotx.tv 1 redirects
1 sak.userreport.com www.dailymail.co.uk
1 hulkprod.anm.co.uk www.dailymail.co.uk
0 klkstrm.kargo.com Failed storage.cloud.kargo.com
809 196
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
*.dailymail.co.uk
DigiCert SHA2 Secure Server CA		 2021-02-16 -
2022-02-22		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.dotmetrics.net
Amazon		 2020-11-23 -
2021-12-22		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
dmgprivacyint.co.uk
R3		 2021-02-05 -
2021-05-06		 3 months crt.sh
*.smartclip.net
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.userreport.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-27 -
2021-08-27		 a year crt.sh
cdn.spotxcdn.com
GeoTrust RSA CA 2018		 2020-05-21 -
2021-06-20		 a year crt.sh
iris.tv
Amazon		 2020-10-10 -
2021-11-10		 a year crt.sh
kargo.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
e.serverbid.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-25 -
2022-03-26		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
mfad.inskinad.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2021-03-02 -
2022-03-01		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
www.90min.com
DigiCert Secure Site ECC CA-1		 2020-08-14 -
2021-11-13		 a year crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.mm-syringe.com
Amazon		 2021-02-25 -
2022-03-26		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
newzit.com
R3		 2021-01-29 -
2021-04-29		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
outstreamedia.com
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
*.playbuzz.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-17 -
2021-12-03		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
g2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-24 -
2021-04-25		 a month crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-15 -
2021-10-23		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
gu.dyntrk.com
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-03-24 -
2022-03-30		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh

This page contains 49 frames:

Primary Page: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Frame ID: CF758E93FE4D77EC089DE22C8B05B58A
Requests: 458 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Frame ID: 02AB4CD7ADF42C219AE01C1479F412CC
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Frame ID: 744CA85D7AF1062B3EB213DFCB663FF9
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Frame ID: E0ED185336793D49B8F4789E40462625
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Frame ID: BDF2905C13A44B627E0F06AD3F2389C6
Requests: 9 HTTP requests in this frame

Frame: https://www.newzit.com/setABframe.html
Frame ID: 15E419F8DEE6A8DC8CF388F5ECD5E06B
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Frame ID: C81D77423C845A8FDCF211EB6EB71CEC
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Frame ID: E7AFE242288DDF40D7202EF8F30B6ADE
Requests: 13 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/a7eb492f-ee77-4741-be48-47b27770ac84?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Frame ID: D30B6A27E81F4A50CF6AAEADAF89ACD0
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: FCD2BFD6F6A6D6C2BC184745901C849F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1JUPyk0kFjqJVPmq8AOGy-tZuGgwSPE099zxrR1ZJ-N4yw08z1fVs0-XROFi_9mgEGOW3ZQXTDx9tNfDnBYYE2HuwG5e78EyEhC7MTmhePLAM4p8OYxsbkE1OKIR2Lk7Y706RZlRNji96fWXwFklYim_bzY_H-dF_kvIXFEgMupFbK6bfYtjuh4RkfD4P_zVDQOqaD6RzLNC6X5lSqPIyhn5ozXzQ0WrnA_vlNDjQKgl8heOupJRx_KQWYlsBaB_XZxLm7Nyr0r3vLVW-jxZr4Q79RD95K18JeV23fZTeTSdauTgpONf0KPbkT8TsTLe1cg0mojT_e47k4kMANSa_Wmv46_h_3T7B-jAcPDZ6G8QxQTp4C8CEF07s&sai=AMfl-YRH7U2LaUaU4vRlMUr2UukX6j8bxz6nXmhSz33MImF5TN3VpS8zqW6NKHhYis639g7QMFXplrRqe0zOq88bzpfg4GfKOO0FLHdFkpjB2jfFZBQsrhXIALrPA0Me9ENW&sig=Cg0ArKJSzEYb6_mi4zoWEAE&urlfix=1&adurl=
Frame ID: 0294FD0729CA94D463936A48E105418D
Requests: 27 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 137B25A580DD52177D147C16C56E9F8A
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: F872670DC6A5EB46BAE1D23F0108E78D
Requests: 6 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E2DC01D6C82E688FDCE1A57BA482E97F
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 85DD0065BEF1B5E91504676E17270FF3
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 3400116E6F5DEBF85DAE84225070329C
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 3C1D51F0877EF62BFB20314489DC5568
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 5ADA859A5444922607835D3B1E9A0DD5
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6e38OJQmmtB6SjTlrGT_hYa4Li4yTmEJihU53e1dRp8H_FgTm65UBAxonZSHZIuWMJy8tadzdUjR2HRW_Xjg7_BSR_m7O_eZJ1ckNGieC0CxHRzI4gUwZKElAOqIdsOBMEVOQPDeicMg9AhQWF8e939oJzqlraZozJpcyLzwgQquGSFC-XI2zP5pY0Gtu75qyACn6W4Hkn3bWOT33EU2KSv4awRzbZNxfNCb8Yv5a7FjyWVM2taTpZJRqfkgxB7tN0OjS0d8cBYTPHpw7L0wT2t3YsOgTlktqa6XMFYL_5azUKac0h4xFLIlBK2U-zs5spNfK4rVNlqezxaDPJBm9X-58pxhOOQ&sai=AMfl-YTu5rDm1TIoeGoL2E6lpqkfll7pJNl8ne62NFhs_jkTSW3bhGjNg0VAbz3s59PBblhkISx0N1WKtl8U0-AQ_6VLKVtTZsp53QL5BxqxPWJLA2idsg6_bPIPACDxlhXm&sig=Cg0ArKJSzF97VySvi4ULEAE&urlfix=1&adurl=
Frame ID: 745688DB2C124CE14ECF0D9CF677BB7D
Requests: 38 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 65E0053E45D54D5BA6347F7CFEDDC6A8
Requests: 15 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: B3C2C7109E2D265C9C816A628244FC36
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b&tbid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&query=taboola_hm%3Dd7411bc5-e718-472f-ad9d-ed4b729e745b&isDirect=0
Frame ID: CF6CC983297B15A39BAD4A22890199D8
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutKf9KccTn7pst3XwnUQfVblqipdxkRYtfh3JG7iB5P9_kFgH5U50DjG8JX_DgBnYi0WAa2vivS5Sq_t_EDwkEvtnTXZG_jnu7ghCO8ixNZT6NjQS4KPCxCKLChsqmNCsCiImr7ePyzuee8HmdA8Tli9yQmhKGaphCGEaTiWD4gvdimQhSPU9b--aPccd65BsKBJ0vO_k5Ieqf4eY5iuEy0MvprDIXOTI_mNb6t-xWWmDiQ9OikM36eGFghI1Q8xrJFEiUnJ9W3D63CnpN64kUxr8jFZhJyuEXAP2_uFKZiX4dSLxOE2HE8Kl5rerZ9iUcJIOQN1YYkkAXvECTleZS&sai=AMfl-YRG-anT3-bHasQmFOXt8nSOqZ-vym1Ifmdsg6DL0NSCfIYea6xtaBOpM_lQeHqjAqyR0kLMtC24eNbfSoEqfzqdbukA2HICfDAfU_vVNiFyQOho-lrTeSuMQ1DF8nw&sig=Cg0ArKJSzJ6B-zfI2pkDEAE&adurl=
Frame ID: 5A15828FFBA4D3718D3B8833BBEEF284
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: F13404E87D8636C04E1C3F0CDDB257F4
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 707F34EB0289853A89EFDCDE8FA77DBB
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5C57F66EB6940D1D3E583011408D12CF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6863570DA9729BA344F37D35F533FD8D
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 02C28F042A13B9DFB109C0DD727C0D93
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 14E7B2783CF33C68850B023B2BEE20B8
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F12651BD59A9FAC4459A8F350D9A4A49
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 431EF97588A62188BC4DDA700965D636
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 800A4078643C7FECE3FC629800F65C6D
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A62CEA214B5164B5E28D5E56F8BC2B92
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 90460CBBBB5EDEBFDB611F309EC6E2BD
Requests: 15 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=amno56p1617535084669
Frame ID: 76AE60E1D567C885FAB6550CCE567CF1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Frame ID: D7EE7FDB4C96CE2A30CA3E42A6F74897
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6C3D683A7761096B02B62A20474F9291
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D0DA5C71E20162B6EDE944C8F6D3224D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 08F262BA7C55E9D64563BF9C281B7FA5
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3EE13DCE2712D99D48860A21B6166140
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 53428BA6A67EA2AC1016B43A6A46EC05
Requests: 5 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9110328642663396958
Frame ID: 992D63985C5888E4D8AAB5610CF16075
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F3500E98900A0D9135C3435D29DD025C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.dailymail.co.uk
Frame ID: 4016714EAFA5D31E3192F2D5C947506C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0BCAD78B6B787E99E26D8CFD2B2B86C7
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: B5AC25974603C5D8444F6C22F1E20CC3
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: FC7ABE196CD6F4D6C52CADE78F3625A8
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 2F2B84F4FDFDB61B5F6165263A87EC96
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 25380049809FB4982C8A00EC139F533F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1... HTTP 307
    https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rs... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

809
Requests

99 %
HTTPS

28 %
IPv6

114
Domains

196
Subdomains

136
IPs

11
Countries

13702 kB
Transfer

28000 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1?_ud=64bec25c-3993-4482-b8b5-b788271ae38f&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://swa.and.co.uk/b/ss/anddailymailprod/1/JS-2.9.0/s17808068967526?AQB=1&ndh=1&pf=1&t=4%2F3%2F2021%2013%3A18%3A3%200%20-120&fid=139CDEF3165DB2B4-0E9CD450420CD941&ce=iso-8859-1&ns=associatednorthcliffedigital&cdp=3&pageName=%2Fnews%2Farticle&g=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-&c.&gunther=17.14.0&fesbv=5.12.2&feabv=6.19.2&vbv=6.12.0&tag=fe_desktop_default&pushNotificationStatus=not_supported&.c&ch=dailymail.co.uk&v0=1490&events=event108%2Cevent2%2Cevent25&c1=%2Fnews&v1=D%3Dc1&c2=%2Fnews&v2=D%3Dc2&h2=dailymail.co.uk%2Fnews&l3=crime&c4=article&v4=D%3Dc4&c5=inside%20the%20hq%20of%20the%20chinese%20cyber%20ransom%20gang&v5=D%3Dc5&c6=9433257&v6=D%3Dc6&c11=Logged%20Out&v11=D%3DpageName&v12=D%3Dch&c13=%2Fnews%2Farticle&c14=New&v14=New&c15=%2Fnews%2Farticle&v21=D%3Dc23&v22=D%3Dc24&c23=2021-04-03&v23=D%3Dc25&c24=23&c25=Jake%20Ryan%20For%20The%20Mail%20On%20Sunday&v25=D%3Dc27&v26=D%3Dc28&c27=2021-04-04&v27=D%3Dc29&c28=13&c29=direct&v31=D%3Dc33&c33=%2Fnews%2Farticle&c37=DE&v37=D%3Dv0&c38=%2Fnews%2Farticle&v38=D%3Dc38&c42=D%3Dv0&c44=D%3Dg&c46=17.14.0&c47=adBlocker%20off&v49=%21-%21EXT%21-%21&v50=D%3Dg&c51=Clicked%20a%20link%20or%20entered%20a%20URL&c53=direct%5Edirect%5Edirect&v54=NoInstart&c57=65794883&v57=D%3Dc57&v58=Guest&c59=1%5E1%5E1&v59=D%3Dc59&c65=Desktop&v65=Desktop&v67=d8487a36-8b85-4449-9d67-8a4ae17f9381&v70=default&v96=874%3A684%3A28%3A9%3A9%3A30%3A114&v105=wv%3D1%2Cco%3D1%2Cdk%3D1%2Cdv%3D1%2Chu%3D0%2Cnz%3D1%2Cdw%3D1%2Cwb%3D1%2Cwi%3D1%2Cfr%3D1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=kwUvxwV7h2h-IFaRBMSM&AQE=1 HTTP 302
  • https://swa.and.co.uk/b/ss/anddailymailprod/1/JS-2.9.0/s17808068967526?AQB=1&pccr=true&vidn=3034D03679BF03D4-400000565348E86D&ndh=1&pf=1&t=4%2F3%2F2021%2013%3A18%3A3%200%20-120&fid=139CDEF3165DB2B4-0E9CD450420CD941&ce=iso-8859-1&ns=associatednorthcliffedigital&cdp=3&pageName=%2Fnews%2Farticle&g=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-&c.&gunther=17.14.0&fesbv=5.12.2&feabv=6.19.2&vbv=6.12.0&tag=fe_desktop_default&pushNotificationStatus=not_supported&.c&ch=dailymail.co.uk&v0=1490&events=event108%2Cevent2%2Cevent25&c1=%2Fnews&v1=D%3Dc1&c2=%2Fnews&v2=D%3Dc2&h2=dailymail.co.uk%2Fnews&l3=crime&c4=article&v4=D%3Dc4&c5=inside%20the%20hq%20of%20the%20chinese%20cyber%20ransom%20gang&v5=D%3Dc5&c6=9433257&v6=D%3Dc6&c11=Logged%20Out&v11=D%3DpageName&v12=D%3Dch&c13=%2Fnews%2Farticle&c14=New&v14=New&c15=%2Fnews%2Farticle&v21=D%3Dc23&v22=D%3Dc24&c23=2021-04-03&v23=D%3Dc25&c24=23&c25=Jake%20Ryan%20For%20The%20Mail%20On%20Sunday&v25=D%3Dc27&v26=D%3Dc28&c27=2021-04-04&v27=D%3Dc29&c28=13&c29=direct&v31=D%3Dc33&c33=%2Fnews%2Farticle&c37=DE&v37=D%3Dv0&c38=%2Fnews%2Farticle&v38=D%3Dc38&c42=D%3Dv0&c44=D%3Dg&c46=17.14.0&c47=adBlocker%20off&v49=%21-%21EXT%21-%21&v50=D%3Dg&c51=Clicked%20a%20link%20or%20entered%20a%20URL&c53=direct%5Edirect%5Edirect&v54=NoInstart&c57=65794883&v57=D%3Dc57&v58=Guest&c59=1%5E1%5E1&v59=D%3Dc59&c65=Desktop&v65=Desktop&v67=d8487a36-8b85-4449-9d67-8a4ae17f9381&v70=default&v96=874%3A684%3A28%3A9%3A9%3A30%3A114&v105=wv%3D1%2Cco%3D1%2Cdk%3D1%2Cdv%3D1%2Chu%3D0%2Cnz%3D1%2Cdw%3D1%2Cwb%3D1%2Cwi%3D1%2Cfr%3D1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=kwUvxwV7h2h-IFaRBMSM&AQE=1 HTTP 302
  • https://sb.scorecardresearch.com/r?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=5646508411&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM HTTP 302
  • https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=5646508411&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&cs_ak_ss=1
Request Chain 30
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10 HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
Request Chain 38
  • https://js.spotx.tv/directsdk/v1/234272.js HTTP 307
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Request Chain 98
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=9508230d-a02e-41a7-aa78-a498e2ca8ca0
Request Chain 167
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1362808030&utmhn=www.dailymail.co.uk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&utmhid=785477306&utmr=-&utmp=%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&utmht=1617535084872&utmac=UA-3639451-1&utmcc=__utma%3D141568423.963463219.1617535085.1617535085.1617535085.1%3B%2B__utmz%3D141568423.1617535085.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=282724631&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3639451-1&cid=963463219.1617535085&jid=282724631&_v=5.7.2&z=1362808030
Request Chain 177
  • https://github.com/videojs/mux.js/releases/download/v5.9.1/mux.js HTTP 302
  • https://github-releases.githubusercontent.com/40461390/0d470400-5b19-11eb-8397-c018637fe897?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210404%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210404T111723Z&X-Amz-Expires=300&X-Amz-Signature=8cf17a13b74d4366f29306490c768ba11c27f9529b592f750f6b523ce3ce5100&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=40461390&response-content-disposition=attachment%3B%20filename%3Dmux.js&response-content-type=application%2Foctet-stream
Request Chain 188
  • https://pr-bh.ybp.yahoo.com/sync/appnexusprebidserver/?gdpr=0&euconsent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-5M_C1DZE2pHG4HZWygJTMx8BHEC93OboSPdirlI7sOfAlRD2r.1vRBQ-~A
Request Chain 223
  • https://sync.search.spotxchange.com/partner?source=dados HTTP 302
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=6d8eb479-9537-11eb-b382-1669d4c93106
Request Chain 232
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Request Chain 233
  • https://id5-sync.com/i/167/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/167/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOW72iA1F8gllaN56hgWIU1sXU5PRwn2Hne08G3A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOW72iA1F8gllaN56hgWIU1sXU5PRwn2Hne08G3A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/167/124/8/2.gif?puid=cb7cf3db-f42c-4793-8bc8-48ba0a04ae42&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAzx7MfgHUQAzJvgnw-VjiI&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAzx7MfgHUQAzJvgnw-VjiI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEAzx7MfgHUQAzJvgnw-VjiI%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4067890039530243391&opid=apx&ops=&utidl=tech:goo:CAESEAzx7MfgHUQAzJvgnw-VjiI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16697211058&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/167/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/167/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/167/19/6/4.gif?puid=37ad8958bc10ad964c3c5304a5b19e53&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/167/101/5/5.gif?puid=ce84d944-e3a6-4061-9dcf-009e32aab258&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 300
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB&dcc=t
Request Chain 301
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YGmgbnpO9fyfZTUURfDmcQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG0ioR9-SVjXNpzsvgHH9w&google_cver=1&gdpr=1
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAp3iE_-clqUyeZkhm0TS04&google_cver=1
Request Chain 303
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b6a146d5-da85-4cf4-8b6d-eebdeef1e630
Request Chain 305
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ab36069-a071-4700-b89b-5bfccf5e91b5&gdpr=1&gdpr_consent=
Request Chain 307
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 347
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Request Chain 354
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Request Chain 359
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Request Chain 364
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Request Chain 366
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 399
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 409
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 446
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b&tbid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&query=taboola_hm%3Dd7411bc5-e718-472f-ad9d-ed4b729e745b&isDirect=0
Request Chain 448
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=ocHj0BWGKe3O&ev=1&orig=trc&pid=562107
Request Chain 449
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4067890039530243391&orig=trc
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKVgxIIWg9dP-FFSUJ9CiPU&google_cver=1
Request Chain 452
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
Request Chain 453
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7
Request Chain 454
  • https://ce.lijit.com/merge?pid=42&3pid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 459
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0ad51a2a-2751-42b8-a521-d54ba8a305a6
Request Chain 460
  • https://id5-sync.com/s/464/9.gif?puid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/6/2.gif?puid=9a3b616c-7eae-42ce-8cf0-94f4550dfb25&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/5/3.gif?puid=76d320e1-9537-11eb-a82a-a26ace9e5db4&gdpr=1&gdpr_consent=
Request Chain 461
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=-YMqrMm6CFmoUtzlcqBpYA
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=xS3GKOc0RPxKMeZ6DPJbwFJmE4g&user_group=1&ssp=taboola&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=xS3GKOc0RPxKMeZ6DPJbwFJmE4g&user_group=1&ssp=taboola&gdpr=0 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d28f40a2-3ebd-4316-9eb4-28c345b71494
Request Chain 475
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 494
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 506
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 543
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&_origin=1&gdpr=1&gdpr_consent=
Request Chain 544
  • https://ssum.casalemedia.com/usermatchredir?s=185638&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YGmgbnpO9fyfZTUURfDmcQAA%261177
Request Chain 545
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YGmgdAAAAHPM-xcV
Request Chain 547
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP70ff95ae-9537-11eb-98cf-06a7f397d880 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3MGZmOTVhZS05NTM3LTExZWItOThjZi0wNmE3ZjM5N2Q4ODA%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESENepam8tZuIoZwMHWK4yYTs&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESENepam8tZuIoZwMHWK4yYTs&google_cver=1&apid=UP70ff95ae-9537-11eb-98cf-06a7f397d880
Request Chain 548
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=e8d6a4bd-c823-4604-9ac6-45f486cde86b&google_hm=ZThkNmE0YmQtYzgyMy00NjA0LTlhYzYtNDVmNDg2Y2RlODZi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAQzv57dqwH24KNKcuN8ONg&google_cver=1&ssp=themediagrid&bsw_param=e8d6a4bd-c823-4604-9ac6-45f486cde86b HTTP 302
  • https://grid.bidswitch.net/getuids?bsw_uid=e8d6a4bd-c823-4604-9ac6-45f486cde86b&ssp_custom_data=
Request Chain 553
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f9c6069-a071-4700-8c15-5e9b1dd3046d
Request Chain 554
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cqoycCWqM3lp_2Iocv4pfyb5Mnhp-DctIageCRiC
Request Chain 555
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2474264956784336345
Request Chain 558
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
Request Chain 559
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=73e26069-a071-4e00-aa35-5d3a5a2bacd1
Request Chain 560
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=IL_bkHe_2pk76d2adenAz3fp1M877o-dJL-rbRqP
Request Chain 561
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6913429739532060625
Request Chain 564
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
Request Chain 567
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YGmgdAAAAEiH5kpZ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGmgdAAAAEiH5kpZ&gdpr=1&_test=YGmgdAAAAEiH5kpZ
Request Chain 568
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3391684226002723786
Request Chain 570
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=36d5c3e1-5731-4abf-aaa7-4e1b2cab5012&expiration=1649071092
Request Chain 571
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6708214942078933608&uid=Q6708214942078933608&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 578
  • https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=120000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535089056&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=3473&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=120000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535089056&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=3473&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Request Chain 581
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
Request Chain 583
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1617621489&gdpr=1
Request Chain 585
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0612220427272207380a2fca&expiration=[EXPIRATION]&gdpr=1
Request Chain 587
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGmgbnpO9fyfZTUURfDmcQAA%261177 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YGmgbnpO9fyfZTUURfDmcQAA%261177
Request Chain 588
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZKjjEn3MTaZh9NE3ONHf9VJmE4g HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZKjjEn3MTaZh9NE3ONHf9VJmE4g&C=1
Request Chain 591
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9749EB4B6EA34037A0335D9155655E87&gdpr=1
Request Chain 592
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=E9meiETZn4EIj5iCRo-F10SPkdcIiMqFF9kxzo2E
Request Chain 593
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1620127092
Request Chain 597
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739025642716504 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739025642716504&C=1
Request Chain 601
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3391684226002723786&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 602
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=AGgX-lOQzcw7mUt0RUZYfA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 604
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1dxxHpTc1Lt0LL5 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=1dxxHpTc1Lt0LL5
Request Chain 605
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=27981e07-f501-445d-81fb-a68e0104dd72&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=e8d6a4bd-c823-4604-9ac6-45f486cde86b
Request Chain 606
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDai1VN0EwMEVBQUNvVEVfYnp1Zw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 614
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1617535092&ip=82.102.19.136&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164880203746000508866 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164880203746000508866
Request Chain 615
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_li_chk=true&previous_uuid=0621956e156b431db1b9ea45ce302f03 HTTP 303
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&previous_uuid=4ce2fac47df3482096499107d8930f77 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2F5a2209a58dfe4f2dbf40b1b4ea7f15d9%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&0621956e-156b-431d-b1b9-ea45ce302f03&bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&previous_uuid=5a2209a58dfe4f2dbf40b1b4ea7f15d9 HTTP 302
  • https://i.liadm.com/s/e/64716/0/5a2209a58dfe4f2dbf40b1b4ea7f15d9?mpid=7156&muid=558a6069-a075-4100-b54e-e6d81ed65afe
Request Chain 616
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&gdpr=0&gdpr_consent=&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3617803610787151939 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNzgwMzYxMDc4NzE1MTkzORAAGg0I9cCmgwYSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=14f62bcf98eac6b29cf038896e6b9c20d86e1fd23ab7717be5f0cfd5880a6cb6f4cb09cee1a4f8eb&person_id=3617803610787151939&eid=50082
Request Chain 618
  • https://pixel.advertising.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&apid=UP721f848b-9537-11eb-98cf-06a7f397d880 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&apid=UP721f848b-9537-11eb-98cf-06a7f397d880&verify=true
Request Chain 622
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 623
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
Request Chain 625
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13044601691632947997?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
Request Chain 626
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 627
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13044601691632947997 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
Request Chain 628
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Request Chain 632
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 633
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
Request Chain 635
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13044601691632947997?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
Request Chain 636
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 637
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13044601691632947997 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
Request Chain 638
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Request Chain 670
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9110328642663396958
Request Chain 672
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H8KjTbx0SSWhuTCjCprjwA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 674
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 675
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&addseg=20
Request Chain 676
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUZDMkEzNEQtQkM3NC00OTI1LUExQjktMzBBMzBBOUFFM0Mw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 677
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOSEk9t4VYTzke6tvL3uqAM&google_cver=1
Request Chain 679
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca33fd27-d505-467f-9f68-2b4d5fdee6f4
Request Chain 680
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8770401214796418885
Request Chain 681
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:558a6069-a075-4100-b54e-e6d81ed65afe&gdpr=0&gdpr_consent=
Request Chain 682
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4067890039530243391&gdpr=0&gdpr_consent=
Request Chain 685
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67403b81ec4d4d093dca5c175ef28c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g081_6947260328863070484 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=Njc0MDNiODFlYzRkNGQwOTNkY2E1YzE3NWVmMjhj&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJMFcotKk-utDHq4AB2qefc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=ca33fd27-d505-467f-9f68-2b4d5fdee6f4 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YGmgdwAAAGmwNRNi HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YGmgdwAAAGmwNRNi&_test=YGmgdwAAAGmwNRNi HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=558a6069-a075-4100-b54e-e6d81ed65afe&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8770401214796418885 HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2384280886308774858 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADdtk7A00EAACmm_n_dxQ&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67403b81ec4d4d093dca5c175ef28c&gdpr=0&gdpr_consent=?gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qx06VAJE2oPENwXIGDpYx4OxqWbw3khPh2GX0ATL~A
Request Chain 688
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Njc0MDNiODFlYzRkNGQwOTNkY2E1YzE3NWVmMjhj&gdpr=0&gdpr_consent=
Request Chain 689
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=67403b81ec4d4d093dca5c175ef28c&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 711
  • https://sync.search.spotxchange.com/partner?source=dados HTTP 302
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=748c2405-9537-11eb-81a6-14d534133906
Request Chain 742
  • https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10001&ns_st_cl=120000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=10001&ns_st_dpt=10001&ns_st_ipt=10001&ns_st_ap=10001&ns_st_dap=10001&ns_st_et=10001&ns_st_det=10001&ns_st_upc=10001&ns_st_dupc=10001&ns_st_iupc=10001&ns_st_upa=10001&ns_st_dupa=10001&ns_st_iupa=10001&ns_st_lpc=10001&ns_st_dlpc=10001&ns_st_lpa=10001&ns_st_dlpa=10001&ns_st_pa=10001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535099057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10001&ns_st_cl=120000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=10001&ns_st_dpt=10001&ns_st_ipt=10001&ns_st_ap=10001&ns_st_dap=10001&ns_st_et=10001&ns_st_det=10001&ns_st_upc=10001&ns_st_dupc=10001&ns_st_iupc=10001&ns_st_upa=10001&ns_st_dupa=10001&ns_st_iupa=10001&ns_st_lpc=10001&ns_st_dlpc=10001&ns_st_lpa=10001&ns_st_dlpa=10001&ns_st_pa=10001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535099057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Request Chain 762
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=773acb60-9537-11eb-a5ea-1541e8ac4806 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=773acb36-9537-11eb-a5ea-1541e8ac4806&orig=video&us_privacy=1---
Request Chain 781
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 792
  • https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=20001&ns_st_cl=120000&ns_st_hc=2&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=20001&ns_st_dpt=20001&ns_st_ipt=10000&ns_st_ap=20001&ns_st_dap=20001&ns_st_et=20001&ns_st_det=20001&ns_st_upc=20001&ns_st_dupc=20001&ns_st_iupc=10000&ns_st_upa=20001&ns_st_dupa=20001&ns_st_iupa=10000&ns_st_lpc=20001&ns_st_dlpc=20001&ns_st_lpa=20001&ns_st_dlpa=20001&ns_st_pa=20001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535109057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=20001&ns_st_cl=120000&ns_st_hc=2&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=20001&ns_st_dpt=20001&ns_st_ipt=10000&ns_st_ap=20001&ns_st_dap=20001&ns_st_et=20001&ns_st_det=20001&ns_st_upc=20001&ns_st_dupc=20001&ns_st_iupc=10000&ns_st_upa=20001&ns_st_dupa=20001&ns_st_iupa=10000&ns_st_lpc=20001&ns_st_dlpc=20001&ns_st_lpa=20001&ns_st_dlpa=20001&ns_st_pa=20001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535109057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Request Chain 808
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=efcb41f766e423299de3a9553f6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g003_6947260410467266399 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWZjYjQxZjc2NmU0MjMyOTlkZTNhOTU1M2Y2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDkytRalD5wu2nLgUC6GCrM&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YGmghgAAAK08BCkN&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=83ce027b-be10-4fc4-9ef4-f2c98d254386 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1d6b6069-a088-4700-9eb9-9e7992c874df&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1057358974672962741 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACe207A00EAACqw35D4IA&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/efcb41f766e423299de3a9553f6&gdpr=0&gdpr_consent=?gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-wqRjEPhE2oO6hFy0UC3DvLzYBWcdMCaYHHmVO7LZ~A HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2347797517123900663
Request Chain 812
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=efcb41f766e423299de3a9553f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 813
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWZjYjQxZjc2NmU0MjMyOTlkZTNhOTU1M2Y2&gdpr=0&gdpr_consent=
Request Chain 831
  • https://sync.search.spotxchange.com/partner?source=dados HTTP 302
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=7e7ce3cb-9537-11eb-900d-1f6fc1870506

809 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d6bbdac79e07fc9cc51a80b21f8974aaa1617535082; expires=Tue, 04-May-21 11:18:02 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=a25380078a45c218ad4523ab6e2294636c0833b9-1617535083; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
63aa223c9d6f0b67-AMS
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
093e33b9e200000b67fbb93000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GRGPnDSdG9r%2BmnjiHzni%2Bh5m6LrFiVP%2FinbuAsy7gki%2F1EvM4vF9Dvqdmppi0S8saLcDHkxLERMzSsrEmwBVy%2BzJipwTTjdtAiukawhAp7t8DdLa3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
content-encoding
br
Primary Request Inside-HQ-Chinese-cyber-ransom-gang.html
www.dailymail.co.uk/news/article-9433257/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8...
  • https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEW...
500 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7885fec7134d3115008170947698105b00a94fad9ef19a0f8fc4677d77bbcb25

Request headers

:method
GET
:authority
www.dailymail.co.uk
:scheme
https
:path
/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1

Response headers

content-type
text/html;charset=UTF-8
set-cookie
x-loc=none; path=/ percent=446490;Max-Age=31536000;path=/;HttpOnly;Secure ak_bmsc=B3498315B8B4845B1DF03FB38D22B5ED0210BABFDD2200006BA0696021CD2253~pls8i2W90sPiBzbCdYBgzXQ8QpKKdOkWvkmIjIxu1PHa5ezThKGgd2TrGtA1+Hy8bHlvTlGX46m2ZBXmKd1/1+6UksItBT3DDC3b7Nkjz/EnSUJvhM3iIO5XSUd594HMUf0sld21BFGhJUCDEPVboy57uEsuOnBrdc9koGg+aq00tyZqQmzYN/wXdUrcNzolR15PMzoRtkd97jnkCVu8luEKNi/ppaOviuTp4eb3JU7r2KYf9D/JWnHGLLQiBSUYaS; expires=Sun, 04 Apr 2021 13:18:03 GMT; max-age=7200; path=/; domain=.dailymail.co.uk; HttpOnly AKA_A2=A; expires=Sun, 04-Apr-2021 12:18:03 GMT; path=/; domain=dailymail.co.uk; secure; HttpOnly
x-rs-ctime
240
vary
User-Agent Accept-Encoding
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
origin; dur=163 edge; dur=24 cdn-cache; desc=REVALIDATE
x-mol-georesp
de
x-rs-ben-time
Sun, 04 Apr 2021 11-18-03 GMT
x-rs-time
Sun, 04 Apr 2021 11-18-03 GMT
x-rs-ops
varnish6-web-a2-fe:6081
x-rs-ben
cljfe-b1:8181
x-storage
newarticles
x-akamai-transformed
9 506920 0 pmb=mRUM,2
content-encoding
gzip
cache-control
max-age=42
date
Sun, 04 Apr 2021 11:18:03 GMT

Redirect headers

date
Sun, 04 Apr 2021 11:18:03 GMT
location
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
cf-ray
63aa223d3ea20b67-AMS
link
<https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
093e33ba4600000b6721928000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wjRbBc9kFJq%2FmpB17hKdTMgJ4%2FLCDxOw0rKvfuL4RHuMltTFjk8n%2FoMoyQYDn9SZVL0CIaqaZbCVija3%2BK37E2bwiuICkgG4MdxW%2BqcuipCPCCRu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
articleDefer.css
www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/ 		337 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d4e19725f2267ea85db18c1072e6cad9ce5e3de2ca1184e3c780d415abba9e4f

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
85379
x-akamai-http2-push
1
last-modified
Wed, 31 Mar 2021 09:21:17 GMT
server
Akamai Resource Optimizer
etag
"e5ef61c96ede54ae29497f0762e65729:1617178978.300287"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2239432
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 30 Apr 2021 09:21:55 GMT
mol-adverts.desktop.css
www.dailymail.co.uk/static/mol-adverts/4.1.48/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.desktop.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
965d8f580475533a5f086cc3d84c5b50b3dde5cde78959fb2a1261bcbc8e34e7

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Tue, 23 Mar 2021 14:36:47 GMT
server
Akamai Resource Optimizer
etag
"659e2fb774fd0323aee23346eb0cae21:1616509278.266659"
vary
User-Agent
content-type
text/css
cache-control
max-age=1567115
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
5178
expires
Thu, 22 Apr 2021 14:36:38 GMT
registration--.css
www.dailymail.co.uk/static/gunther/17.13.0/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.13.0/registration--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
03482ceb4519a7706406f47e5992b55e9e5974abd56c45af482a7e1a09d836e6

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4945
last-modified
Sun, 21 Mar 2021 05:37:27 GMT
server
Akamai Resource Optimizer
etag
"1d7a19f1f78591a33d5ec97dd91f96b4:1593164448.110325"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1361868
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 20 Apr 2021 05:35:51 GMT
desktop.css
www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/ 		152 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
8f9584b90be33bd7c46ca2521386b57de0bf7094d3f2a56b5b44111fbd094c85

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
94448
last-modified
Sun, 14 Mar 2021 07:22:14 GMT
server
Akamai Resource Optimizer
etag
"625d215ccc396c317248be2f901b6985:1614275748.837985"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=763392
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Tue, 13 Apr 2021 07:21:15 GMT
all--.css
www.dailymail.co.uk/static/gunther/17.14.0/ 		267 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.0/all--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d43ac5826a74f4e5dcd9435aabe994b89a7e2030babd441463c621e96eec0375

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
34267
last-modified
Sun, 09 Aug 2020 02:32:46 GMT
server
Akamai Resource Optimizer
etag
"e391873d0754fa60110c5299203d6f76:1595000955.065137"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=659887
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 12 Apr 2021 02:36:10 GMT
all1--.css
www.dailymail.co.uk/static/gunther/17.14.0/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.0/all1--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
62e5b5020499d0dbd26922152f199b559ee4922d9132b4242364edf88dc63121

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10119
last-modified
Fri, 12 Mar 2021 00:41:17 GMT
server
Akamai Resource Optimizer
etag
"2456679cc8c0c996054aec3c292d82d0:1595000965.438073"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=566667
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 11 Apr 2021 00:42:30 GMT
rc-main--.css
www.dailymail.co.uk/static/gunther/17.14.0/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.0/rc-main--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
ee80e2de5c026fa3c0786f587eed85d1521d50ba1aba027c2b0714c108c351a6

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
4321
last-modified
Fri, 12 Mar 2021 03:16:17 GMT
server
Akamai Resource Optimizer
etag
"02c739164733a3164294a8737f313c36:1595000956.467317"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=575947
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 11 Apr 2021 03:17:10 GMT
fff.css
www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/styles/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/styles/fff.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
01ae4bee7f4b463778e1e929d83b4eedcaf598d05ae8e748030259b5b5f0b083

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7921
last-modified
Fri, 12 Mar 2021 09:56:25 GMT
server
Akamai Resource Optimizer
etag
"cf69bb0d655c656383a84adc6fe705c6:1614161268.230781"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=599878
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 11 Apr 2021 09:56:01 GMT
v-0.58.min.js
www.dailymail.co.uk/rta2/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/rta2/v-0.58.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
08cbadc6957dd17b23964ba5763146e595ce4be96dbbb12f297909b1f70eff25

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Wed, 13 Jan 2021 13:59:19 GMT
server
Akamai Resource Optimizer
etag
"e29ae5b09b7c2666dc21de1c945df71c:1610033065.33783"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=269719
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
5176
expires
Wed, 07 Apr 2021 14:13:22 GMT
desktop.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/ 		368 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
66941faf7eaa7bc92af67e1c8cb977c059ecf224d2ba7c8c618e99fac5be099e

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
93294
x-akamai-http2-push
1
last-modified
Fri, 12 Mar 2021 01:37:59 GMT
server
Akamai Resource Optimizer
etag
"1e8f356e3025031a2d6d4ff25aa557bf:1614275759.567146"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=569955
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 11 Apr 2021 01:37:18 GMT
mol-adverts.js
www.dailymail.co.uk/static/mol-adverts/4.1.48/ 		1 MB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
20b8a16c955e7bcab455388b9870c44f09d2cacf74d6ba625aeca757d76db531

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Tue, 23 Mar 2021 14:38:28 GMT
server
Akamai Resource Optimizer
etag
"d77c90178604eb04e3b18e0243757ea9:1616509281.809275"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=1567194
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
224587
expires
Thu, 22 Apr 2021 14:37:57 GMT
articleDefer.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.19.2/ 		520 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.19.2/articleDefer.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
ce03ad949eaf22f8146d090a7491cbd5130e48b064467fa71b8099675d5b9c7a

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
122502
last-modified
Wed, 31 Mar 2021 09:42:25 GMT
server
Akamai Resource Optimizer
etag
"a6945714be7ce0a2c93187d1db1a67f9:1617178969.402267"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2240713
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 30 Apr 2021 09:43:16 GMT
async_bundle--.js
www.dailymail.co.uk/static/gunther/17.14.0/ 		328 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/gunther/17.14.0/async_bundle--.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
0c7912ff68380c2a84d28cf812215fb6d230d5750f9f67b328970e01d0da5a37

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=8
content-length
85559
last-modified
Fri, 18 Sep 2020 02:58:02 GMT
server
Akamai Resource Optimizer
etag
"0620d2935cb03d1451a72e524963ba2d:1595000960.633166"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1784894
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 25 Apr 2021 03:06:17 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		335 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c98ec5f05be6652eb6138038cdd3934dc872ddff5df9c2b6d88da5a443586b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117332
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:04 GMT
mol-fe-videoplayer.min.css
www.dailymail.co.uk/static/videoplayer/6.12.0/styles/ 		90 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/videoplayer/6.12.0/styles/mol-fe-videoplayer.min.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
c64308e6ed3ab4dc8c78868174040d8d09546ea9e6ab19682285a675897edc98

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
10681
last-modified
Thu, 11 Mar 2021 13:28:27 GMT
server
Akamai Resource Optimizer
etag
"62426632e135cbbb9a89d534c68e342c:1608199879.200558"
vary
User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=526216
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sat, 10 Apr 2021 13:28:19 GMT
mol-fe-videoplayer.min.js
www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/ 		449 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
aedf94ad839f3db31848e2b9659dd2b576b7047ea6638988aacfd782df9d8c8c

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
102544
last-modified
Thu, 11 Mar 2021 23:26:12 GMT
server
Akamai Resource Optimizer
etag
"bee78577ce805b4bf5f249774d50c953:1608199877.465708"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=562076
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sat, 10 Apr 2021 23:26:00 GMT
logo_mol.gif
i.dailymail.co.uk/i/sitelogos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/sitelogos/logo_mol.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f17cf1cb73dc13f928ef0122375fe550926a471e46d614199bfe8ef69733437a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Tue, 09 Dec 2008 12:49:57 GMT
server
Apache
etag
"258fb3209febe558120d7d564d7422b1:1228827055"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3918
expires
Tue, 04 May 2021 11:18:04 GMT
DailyMail.png
i.dailymail.co.uk/i/furniture/facebook/DailyMail/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/facebook/DailyMail/DailyMail.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e10f899db5ca9e90a689535e19be3c8c873b3ceaabbc7acd9da39ffe2f1a2bdf

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Wed, 31 Mar 2021 22:19:29 GMT
server
AkamaiNetStorage
etag
"c15d32bd02268be0a8175e768b3f901d:1617229169.922518"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2199
expires
Tue, 04 May 2021 11:18:04 GMT
35089768-0-image-a-22_1604181293459.jpg
i.dailymail.co.uk/1s/2020/10/31/21/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2020/10/31/21/35089768-0-image-a-22_1604181293459.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16b895ebb88f0c49d8686ec799ba42cc70e7a41e71350d984587b3fdd46a4fbb

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2wN9.fcaL.5DBuzSoDCCscsfJNNzKxya
last-modified
Sat, 31 Oct 2020 21:54:54 GMT
server
AmazonS3
x-amz-request-id
ZT3DJDK75C030EFN
etag
"f908bead1c03dd8e4afae6162a66754b"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6275
x-amz-id-2
i3WKKgZVyd7dBqz9cQGKPDlTdVmR3sO94tnzrQAFmI3q3olt/2oNRo5so3P1RUAvgJ5MJMQyeM0=
expires
Tue, 04 May 2021 11:18:04 GMT
37767058-0-image-a-23_1610117359961.jpg
i.dailymail.co.uk/1s/2021/01/08/14/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/01/08/14/37767058-0-image-a-23_1610117359961.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9a80789a73d8d6e098e972be5b2733ba0743c6b93abd1701bc470d216525b09

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4BhbdQXAG60DCQC6Sk5byNxF2HsYx9_o
last-modified
Fri, 08 Jan 2021 14:49:21 GMT
server
AmazonS3
x-amz-request-id
Z6X62QH4Z0G5FMKK
etag
"9d2c430d5dd0f1ecc412f556d95a328b"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3995
x-amz-id-2
ljLT1D1HS88heSSYbKX69aoSrk6cFR4vZNl3eaTgWVpQCA2n09syaJjVjPfd3H6BLNq515kpn1Q=
expires
Tue, 04 May 2021 11:18:04 GMT
btn_add-your-comment.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/btn_add-your-comment.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b6849b99c9da8c60aec9d8fcad58817ef0aabe354e6f9194f24b7e68df71f41a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Mon, 06 Nov 2017 11:57:22 GMT
server
AkamaiNetStorage
etag
"35cf287579c56cfa1b37c7d845558128:1509969442"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
1349
expires
Tue, 04 May 2021 11:18:04 GMT
icon_comments_74.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		517 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/icon_comments_74.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
10d217fc2d14b793dd2acba83780093ff88896b4433f7eb36bfc4a220f78350f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Tue, 28 Feb 2017 12:52:27 GMT
server
Apache
etag
"a85bf8e29331cd62725b2bb16387eb8d:1488286347"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
517
expires
Tue, 04 May 2021 11:18:04 GMT
index.css
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.15.2/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.15.2/index.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dfe131a134d2c15a3b806281cc1abd4e3f13ac7fd24b6f9112c74db134c56b93

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 15:53:42 GMT
server
AkamaiNetStorage
etag
"a78c74bb2c59d611458e07b04c6825a6:1605542022.605853"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
6158
expires
Tue, 04 May 2021 11:18:03 GMT
index.js
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.15.2/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.15.2/index.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b24fc5325cc8dd978b2b720723b9faa67d3f21f19f286dbe5b4949d1cebfe22

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 15:53:44 GMT
server
AkamaiNetStorage
etag
"35d971a8a83f9d3ad7b500220697ba10:1605542024.411093"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39453
expires
Tue, 04 May 2021 11:18:04 GMT
door.js
uk-script.dotmetrics.net/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.dailymail.co.uk&t=news
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
Kestrel /
Resource Hash
a9f2f84b95a2d0b69a5bcd711b41957c8e996d0f532db32c0d1bae12c5476c0e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
DUS51-C1
etag
".www.dailymail.co.uk.news.177.2021040411"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
7-Dr7djzcIzRhyVGJyINerTypztKl3KYh5l6bmzkcQnMjW_4D7cm2Q==
sa
ted.dailymail.co.uk/s/ 		224 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e037cc01f9b03ec82be7384d1e0c86b2a79cf6b0baef6af21798dec74a337b81

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sun, 04 Apr 2021 11:18:03 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
224
x-rs-ops
rta2-rufus-a1-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		225 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
afb9b2b40a988995096a16c1a07befc8d89ef46a30c036bbb20fe053da436c1a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Apr 2021 11:18:03 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sun, 04 Apr 2021 11:18:03 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
225
x-rs-ops
rta2-rufus-c2-fe.rdg.mol.dmgt.net:8180
r2
sb.scorecardresearch.com/
Redirect Chain
  • https://swa.and.co.uk/b/ss/anddailymailprod/1/JS-2.9.0/s17808068967526?AQB=1&ndh=1&pf=1&t=4%2F3%2F2021%2013%3A18%3A3%200%20-120&fid=139CDEF3165DB2B4-0E9CD450420CD941&ce=iso-8859-1&ns=associatednort...
  • https://swa.and.co.uk/b/ss/anddailymailprod/1/JS-2.9.0/s17808068967526?AQB=1&pccr=true&vidn=3034D03679BF03D4-400000565348E86D&ndh=1&pf=1&t=4%2F3%2F2021%2013%3A18%3A3%200%20-120&fid=139CDEF3165DB2B4...
  • https://sb.scorecardresearch.com/r?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=5646508411&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-ga...
  • https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=5646508411&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-g...
43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=5646508411&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&cs_ak_ss=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=5646508411&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
register.js
hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c3cce7c2373fc4acb18cddf35cb7c8b28fea5e8ba592c520168c79a05cdb7b4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rs-ops
mol-fe-web-push-notification-a5-fe:8080
date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
11706
service-worker-allowed
/
expires
Sun, 04 Apr 2021 11:18:04 GMT
sync
sync.sxp.smartclip.net/
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
42 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.183.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-183-220.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
nginx/1.17.6
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
42

Redirect headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
nginx/1.17.6
Location
https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
edgedata.html
www.dailymail.co.uk/geo/ 		785 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/geo/edgedata.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dfb749c8597c2c8686580548520a1575a8026ed3efda320792bc9f5bc8cd246a

Request headers

pragma
no-cache
cache-control
no-cache
Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
vary
User-Agent
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
content-type
text/html
cache-control
max-age=1624
server-timing
edge; dur=1, cdn-cache; desc=HIT
content-length
785
x-akamai-transformed
9 785 0 pmb=mRUM,2
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25cef1bdad735ed734b1eda13d68d8f6fa488377ea9a113c64b79e855fd7d670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"832 / 133 of 1000 / last-modified: 1617401775"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19743
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:04 GMT
launcher.js
sak.userreport.com/mol/ 		46 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sak.userreport.com/mol/launcher.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8c00:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a2d04bb04d52ca53c1aaf2f8de8574e929f1136e08c828f36bfe0b03d588835

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
I0zZ8fJjlbBdpU31WSxSwsQh_njKJ8CZ
Via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Mon, 16 Nov 2020 11:54:59 GMT
Server
AmazonS3
Age
30
ETag
"6d509bc807890482e7742fa12a3fdc85"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=7200, s-maxage=60
Date
Sun, 04 Apr 2021 11:17:40 GMT
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
47511
X-Amz-Cf-Id
J6QKu4pdFEmydbfsKWOvQXBr3yVW2tcnrxkbiNtuGBSEp75ABUtBtA==
pubcid.min.js
www.dailymail.co.uk/static/mol-adverts/demo/mol-21682/dist/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-adverts/demo/mol-21682/dist/pubcid.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Sat, 13 Mar 2021 03:07:48 GMT
server
Akamai Resource Optimizer
etag
"c74b87c9a8cadd3463a338a08b3f2cf6:1603291730.298429"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=661805
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
16091
expires
Mon, 12 Apr 2021 03:08:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 22:11:27 GMT
content-encoding
gzip
server
Server
age
47196
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id
dlfHujbSAWu2R-bsEKqDINcQKxoho03pzmSC1BFWu-a5wnVU4Ng9_Q==
tfa.js
cdn.taboola.com/libtrc/unip/1125455/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75dca905ca700a6843470e7638fdf46281829d2da9508e0247e743602bac4fed

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EMMU5fqLH9.EQbsxtr8Wa5cEVsQSPsAl
content-encoding
gzip
etag
"0c7026370d33e91ae6524712c9a2925f"
age
122
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21997
x-amz-id-2
ZgrlfWdHgYRq2z/UeaFDkXRgnhjRvEnEh3ogHhHL5g39F1vnPxsyvLsRykVreLgVbWQCfQTE4gg=
x-served-by
cache-fra19121-FRA
last-modified
Tue, 09 Mar 2021 16:47:47 GMT
server
AmazonS3
x-timer
S1617535084.461919,VS0,VE1
date
Sun, 04 Apr 2021 11:18:04 GMT
vary
Accept-Encoding
x-amz-request-id
14NHVDSPT5GW7P1X
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
1
adsm.macro.4111597d-dc70-4fd8-b25e-7d24d8423e73.js
macro.adnami.io/macro/spec/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/spec/adsm.macro.4111597d-dc70-4fd8-b25e-7d24d8423e73.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f951b4aefa28403632bfc068196aaf2051e44078527250c041ad4930d4e186

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
BaNtzeZk591KUCHKDlyEXQ==
age
5055
content-disposition
cf-request-id
093e33bfb700004ee5dd04c000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 27 Nov 2020 15:55:08 GMT
server
cloudflare
etag
W/"0x8D892ECD0E071CB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
158f6a61-a01e-0024-273b-db0adc000000
cache-control
public, max-age=14400
x-ms-version
2014-02-14
cf-ray
63aa2245fe404ee5-FRA
expires
Sun, 04 Apr 2021 15:18:04 GMT
directsdk.js
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain
  • https://js.spotx.tv/directsdk/v1/234272.js
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
418 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-234.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d6fa7c39b1d5e288c739c3a225a90d0698798485d5b17c1350dc17925942b841

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Sep 2020 19:35:03 UTC
Server
nginx
Access-Control-Allow-Headers
ETag
7112a693437c5fad3aa28033ed1f53f1
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=257
Connection
keep-alive
Timing-Allow-Origin
*
X-SpotX-Build-Version
1.31.0-20200910.1910
Content-Length
157844

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Last-Modified
Sun, 04 Apr 2021 11:18:04 UTC
Server
nginx
Location
//aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
iris-context.min.js
ovp.iris.tv/libs/context/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ovp.iris.tv/libs/context/iris-context.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:9600:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
slqHeAfcx7ypAfjiCBQaUewyYpq955Ao
content-encoding
gzip
last-modified
Tue, 23 Mar 2021 20:29:32 GMT
server
AmazonS3
age
26734
etag
W/"7715a659dc0df79086ae769c891dfd9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
date
Sun, 04 Apr 2021 03:52:54 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
aB6oVinTX1xMfjzH7WgxFaY88Rtw7arcVEpuhZUhMEyrPRFMPwP2NQ==
klick-dailymail.js
storage.cloud.kargo.com/ad/network/klick/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b94472d780db3b45c0920bb2dbd0cb57660d80671491ada0ef15776f3de9e812

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S4lmeeHObFqS8xYQ_eDM32vJF.umlPRv
content-encoding
gzip
etag
"44e6b966c12b759049179f23810ace77"
x-amz-request-id
6FF7AA635055E7A7
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1627
x-amz-id-2
+U9XRWm0kKlPTmQYygke82470SYqVNKxZz/3D161phit4wWe6Ymz170HIrQVn/6zU7zUJm8plEE=
last-modified
Mon, 10 Jun 2019 14:32:31 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
topVideos.json
secured.dailymail.co.uk/feeds/commercial/ 		101 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secured.dailymail.co.uk/feeds/commercial/topVideos.json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0315752edc64489c4616949b4511b7fd8bcdf2148e64a5f0f9c3a7244d5cad30

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Content-Encoding
gzip
x-rs-ben-time
Sun, 04 Apr 2021 11-11-48 GMT
Connection
keep-alive
Content-Length
30177
X-rs-ops
varnish6-web-c1-fe:6081
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
vha6-origin
varnish6-web-c2.rdg.mol.dmgt.net
x-rs-time
Sun, 04 Apr 2021 11-12-44 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=1800
Accept-Ranges
bytes
x-rs-ben
video-feed-c2:3000
x-storage
other
Expires
Sun, 04 Apr 2021 11:48:04 GMT
match
e.serverbid.com/udb/9969/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fpool%2Fset%2Fi.gif%3FpoolId%3D9969%26poolKey%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-length
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
975ab5c9d745a844535ec7e7ee66e68277794e8b2b017b1030a783a995dce819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
811
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
760
etag
W/"540-NcngOgO2i/y1dH5EgL2PU4JWItg"
x-served-by
cache-fra19182-FRA, cache-hhn4072-HHN
date
Sun, 04 Apr 2021 11:18:04 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cookie_sync
prebid.adnxs.com/pbs/v1/ 		804 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
692c21097fd1b5daabe6c434af68f948dd87daf295dda7baa28b787c3af18be2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		179 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
ee39748e070e806696fed9b4f0600b3b32cce2bb1a4dfc5f5e4e05d1d4d40ae8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
179
Expires
0
cdb
bidder.criteo.com/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.13.0-mol-1&cb=56836912655
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tmax=3000
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.225.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-225-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:04 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=587732%3B587732%3B587734%3B587734%3B1102954%3B1102954%3B587746%3B587746%3B587754%3B587754&size_id=2%3B2%3B2%3B2%3B2%3B2%3B15%3B15%3B15%3B15&alt_size_ids=57%3B57%3B57%3B57%3B%3B%3B%3B%3B10%3B10&p_pos=atf%3Batf%3B%3B%3B%3B%3B%3B%3Batf%3Batf&eid_pubcid.org=0c92a29f-5391-4b15-873b-cf2bf278513b%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tg_i.area=news&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=16bfde3e-22ea-40c2-9a7c-9f2202a4bb5b%3B16bfde3e-22ea-40c2-9a7c-9f2202a4bb5b%3B272a6917-7c47-46de-afe4-26a2cfe5fd77%3B272a6917-7c47-46de-afe4-26a2cfe5fd77%3Bf957e2dd-e889-4989-b3ad-061c5f41deb9%3Bf957e2dd-e889-4989-b3ad-061c5f41deb9%3Bc6f7aa41-4fa8-4680-b44e-cff12cffc5bc%3Bc6f7aa41-4fa8-4680-b44e-cff12cffc5bc%3B578d1e0e-4498-42a8-b6c4-f364e61bfd6a%3B578d1e0e-4498-42a8-b6c4-f364e61bfd6a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=10&rand=0.9796925540467254
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
14ef26c6f8220a3f50d166386ea7ae97fddafc3748cf03be9655639300c3f5ca

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
413
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=587764%3B587764%3B587782%3B587782%3B724806%3B724806%3B587784%3B587784%3B587786%3B587786&size_id=15%3B15%3B15%3B15%3B15%3B15%3B9%3B9%3B9%3B9&alt_size_ids=%3B%3B%3B%3B10%3B10%3B8%2C10%3B8%2C10%3B8%2C10%3B8%2C10&p_pos=%3B%3B%3B%3Batf%3Batf%3Batf%3Batf%3Batf%3Batf&eid_pubcid.org=0c92a29f-5391-4b15-873b-cf2bf278513b%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tg_i.area=news&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=ab0df7c2-5b70-4b76-a006-700329f519b4%3Bab0df7c2-5b70-4b76-a006-700329f519b4%3B4bdf84f9-98e3-49a7-a8ab-b1bdc97ccfb1%3B4bdf84f9-98e3-49a7-a8ab-b1bdc97ccfb1%3Bd0258e40-b3cf-419d-82e0-843564036eb5%3Bd0258e40-b3cf-419d-82e0-843564036eb5%3Bc3215885-9c36-4a71-962f-8af17a4caceb%3Bc3215885-9c36-4a71-962f-8af17a4caceb%3B246e25ed-7ba3-45a0-90a8-1118c359945b%3B246e25ed-7ba3-45a0-90a8-1118c359945b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=10&rand=0.5098528758535412
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0ef8411501eb4144cee27cad2570efaec5c834e01e885623afc8951dbca7b56f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
413
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		273 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=1077764&size_id=57&alt_size_ids=68&eid_pubcid.org=0c92a29f-5391-4b15-873b-cf2bf278513b%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tg_i.area=news&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=c6ac97fc-da1f-4ec1-ad37-de1a79b4f95b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3543083830652307
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d3f558d5652153b808beb6e99aff1be451af4b06ffce53e9095f4d3d0d59bc87

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
273
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
mfad.inskinad.com/api/ 		160 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.88.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-88-36.compute-1.amazonaws.com
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
13eaa370f2ff74eb34920d3eeb7b6c55bdc71bb32fc5f6fbeea2e88c623dd4ba

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
ETag
W/"a0-khZdquwfA9vjpbid06KUrw6JQ5E"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
160
x-served-by
engine-production-i-074a14d4d7d089cef
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=UE1ipEDEKoyyb15cvRxTAmVB&bidId=737969d44335513&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=YAXW2p8nPTWGVCrPcj5NrxpA&bidId=74961139313fd1e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=M46LPS2pKznZDhrVQRRVFfdn&bidId=7547c507517b3b7&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=9gB7gxs6pHmD6t77SUopsddr&bidId=763d6365d96e668&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=77KLm6Ar3LiwYgCjLn6WXoM1&bidId=773d68688f9c6eb&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=77KLm6Ar3LiwYgCjLn6WXoM1&bidId=78afb5535f7cbc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=t7x4dsgHox9LRR8hNFR7Yyzv&bidId=79f73f54cbc44cb&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mDYufSNjn6gUsPvDghG42mG6&bidId=8040cc02308c53b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mDYufSNjn6gUsPvDghG42mG6&bidId=818378c6691796f&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
access-control-allow-credentials
true
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		374 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&CanonicalUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&PublisherDomain=https%3A%2F%2Fwww.dailymail.co.uk
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
04f8b162a211c2895b0efe7116a6784e3cbe5066a7bd0d15fd4e94708832a85d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:04 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
57
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
374
expires
0
arj
mailonline-uk-d.openx.net/w/1.0/ 		174 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f957e2dd-e889-4989-b3ad-061c5f41deb9%2Cf957e2dd-e889-4989-b3ad-061c5f41deb9%2Cc6f7aa41-4fa8-4680-b44e-cff12cffc5bc%2Cc6f7aa41-4fa8-4680-b44e-cff12cffc5bc%2Cab0df7c2-5b70-4b76-a006-700329f519b4%2Cab0df7c2-5b70-4b76-a006-700329f519b4%2C4bdf84f9-98e3-49a7-a8ab-b1bdc97ccfb1%2C4bdf84f9-98e3-49a7-a8ab-b1bdc97ccfb1%2C73a1d2d9-591b-4bde-b823-33d4ea580427%2C73a1d2d9-591b-4bde-b823-33d4ea580427%2Cc1b48d86-9390-4340-b809-1cfc4b0c7f7c%2Cc1b48d86-9390-4340-b809-1cfc4b0c7f7c%2C10408b49-b339-4468-914f-62dc88dea89b%2C10408b49-b339-4468-914f-62dc88dea89b%2Ce136bbd1-9772-4c00-8117-d5def5868a62%2Ce136bbd1-9772-4c00-8117-d5def5868a62&nocache=1617535084321&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&aus=728x90%7C728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C300x250%7C300x250%7C300x250%7C300x250&divIds=leader_wide%2Cleader_wide%2Cmpu_middle%2Cmpu_middle%2Cmpu_puff_20%2Cmpu_puff_20%2Cmpu_puff_45%2Cmpu_puff_45%2Csky_left_top%2Csky_left_top%2Csky_right_top%2Csky_right_top%2Cmpu_mobile_top%2Cmpu_mobile_top%2Cmpu_top%2Cmpu_top&auid=540437664%2C540437664%2C538767661%2C538767661%2C538767664%2C538767664%2C538767666%2C538767666%2C538767667%2C538767667%2C538767668%2C538767668%2C538767673%2C538767673%2C539384359%2C539384359
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
055b8013783b742462dfbe24990962bb2c49548451953c3a56a0c54d5dd076d8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=193651&v=7.2&r=%7B%22id%22%3A%221055cec2c554ded%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210658fda261e11ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22107878ecb073e8e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22108ea54286a4e5d2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22109bb1417ad9d842%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22110ed49ab7813786%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221111037ac8cd4769%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22112d266d85e31422%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193657%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221135087a725ad65d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193657%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22114e63c9ec9bb41a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211505dd4166cc47d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221169c3712ffad794%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22117adb50ba3a80b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221182aff1155484d7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193665%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211991034e2c922ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193665%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221209d73324d1e61d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193667%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212107d2a41745bcd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193667%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212275bc23de3bf1a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22123098424f7d5342%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221243a17128c5e577%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22125819e53641af9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22126af9ec2282fbc4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22127b372e53ae4c6b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212857d4da9671e7b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22129b1bdbcaa37e28%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213065e5690718f84%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213138f979d9438c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22132118d3c9922058%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2213399bd4d6192393%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22134498a7383748c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221359578b88a9fdcc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221365052cf1940d49%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22137f3730c6cb232f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22138ac9a361f77498%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22139b97f45cd2ca0c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a7ece3834a5fea83bbb71e079cd3e0f9a9872844bb37941b2f73fd303f94db6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:04 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
krk.kargo.com/api/v2/ 		2 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%228c311772-225e-4d15-b1bb-e2a5642267d1%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1617535084327%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2215155ea6bc9fe338%22%3A%22_qHs31JqZVr%22%7D%2C%22bidSizes%22%3A%7B%2215155ea6bc9fe338%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qHs31JqZVr%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%220c92a29f-5391-4b15-873b-cf2bf278513b%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220c92a29f-5391-4b15-873b-cf2bf278513b%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22mpu_mobile_top%22%2C%22transactionId%22%3A%2210408b49-b339-4468-914f-62dc88dea89b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2215155ea6bc9fe338%22%2C%22bidderRequestId%22%3A%22150a76bf07d80373%22%2C%22auctionId%22%3A%221%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-223-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.52:80
AN-X-Request-Uuid
3ffa2a4a-ac5f-44b9-b979-cb2b79e2d14d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid
1c483337-76db-4387-88cb-67a08171a745
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/ 		43 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1617535084336
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.141.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-141-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d34e8a1a381b203e3d1f7c6ed4f077038e91782ea254c7a7e4785462147a385a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:04 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_billboard&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
76cbe151fcbdf1cc9783cf3852092b2d0d1c25f8b22cf082ae6db3d10b89754d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_20&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
99e232e7b99b23e9dcf0a54a487cc9d392c059106f69fa9a24bae774b00fb33d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_45&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
b54f8348bc4f14f58f9d3e0ffd9f3c3030212253e7ad21a8716ddd6625333c77

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_top&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c424b3f5900decfee6fe37f8d706b3d59bf2bbaa8c73d08bc2a82d3cd4f14bf6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_leader_very_bottom&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
27a7413329567de39a9388c3dac0592e38a98c94e88be99e7d782e06de197e5e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_sky_left_top&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c7b0f0911a0369d7c7cacf264c43bbf364199c80c05b23b807f92504b6d3b193

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_sky_right_top&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c05cd9be1bc762fbacf815de343963eced0316006550804fab87533c2509061a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bid-request
a.teads.tv/hb/ 		16 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 04 Apr 2021 11:18:04 GMT
RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
br
last-modified
Mon, 28 Dec 2020 15:00:25 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
ga.js
google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/ga.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4360
date
Sun, 04 Apr 2021 10:05:24 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 04 Apr 2021 12:05:24 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ecfceed7951d0a23f2360d012cb571c62b8803d415e8b85b0a9d7e870d4b0ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SasG5hqlX4LG/0ed4b4Jqg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2118
x-fb-rlafr
0
x-fb-debug
JAx0vD0AcbFlglqXLbFx+SfhBP/wNHQ0UBx6oNRe6R50c4lrOSbjqZtDxJvpy3ZZzp8Dpb/e1gwGvUW9wcghPA==
x-fb-trip-id
686109401
x-fb-content-md5
d8d011cc875a32d3db299ce91cdd9623
x-frame-options
DENY
date
Sun, 04 Apr 2021 11:18:04 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4354e4e35822b1cce0e4a613209560b3"
timing-allow-origin
*
expires
Sun, 04 Apr 2021 11:34:07 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
news_masthead.gif
i.dailymail.co.uk/i/pix/channelheaders/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/channelheaders/news_masthead.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a3f69777dc1f29882c9149b513ad5c5f748020328c8d8f4723a2ee32b8bccfe7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Mon, 11 Jan 2010 13:15:20 GMT
server
Apache
etag
"30c94250e5a71f5bcf9ebc3e54e5b9b9:1263215720"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
8792
expires
Tue, 04 May 2021 11:18:04 GMT
navigation_bottom.gif
www.dailymail.co.uk/i/furniture/structure/ 		154 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailymail.co.uk/i/furniture/structure/navigation_bottom.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd

Request headers

Referer
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Tue, 02 Mar 2021 15:44:32 GMT
etag
W/"154-1614699872000"
x-rs-time
Fri, 26 Mar 2021 10-01-18 GMT
vary
User-Agent
content-type
image/gif
server-timing
cdn-cache; desc=HIT, edge; dur=3
accept-ranges
bytes
x-mol-georesp
de
content-length
154
x-rs-ops
molfejava-a1-fe.hsk.mol.dmgt.net:8081
spt_weather_nav.png
i.dailymail.co.uk/i/furniture/weather/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/weather/spt_weather_nav.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.0/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
0bf60782546bae441a6ce4783c2169777d728af37759e9805acbdaa48122cf36

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Wed, 23 Dec 2009 12:07:55 GMT
server
Apache
etag
"2a0a9e4a75bf8d1c816c273119256500:1261570075"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2301
expires
Tue, 04 May 2021 11:18:04 GMT
5f42864d-a421-4f37-9478-00266f871d68-web.js
cdn.permutive.com/ 		788 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/5f42864d-a421-4f37-9478-00266f871d68-web.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d87cdd68ea27d92f1e2b445f2252653d88f5589aefd7a352a26e7d384454c7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
5f42864d-a421-4f37-9478-00266f871d68
age
1492
x-guploader-uploadid
ABg5-Ux0i38DpVuRr_YWCLt8eT9c4Uohmd6lWebNQ7HnVcgMLkad-6yAaTsATN5yjlL0pLnI5YQUBG1DzcJJW1eS7dEtEJuS0w
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
cf-request-id
093e33c0f800004c7976a63000000001
last-modified
Sun, 04 Apr 2021 06:53:05 GMT
server
cloudflare
etag
W/"07a6d45b0d8246ca635daf3bb320aa36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2yImjg==, md5=B6bUWw2CRspjXa87syCqNg==
x-goog-generation
1617519185425203
cache-control
public, max-age=300
x-goog-stored-content-length
170194
cf-ray
63aa2247fa934c79-AMS
expires
Sun, 04 Apr 2021 11:23:04 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
spt_socialicons_40x40eachbttn9.png
i.dailymail.co.uk/i/furniture/articles/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/articles/spt_socialicons_40x40eachbttn9.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
3381376497b5b338f301a29f4b399d81331e55a568f02df5db466149e5826f13

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Thu, 17 May 2018 13:20:45 GMT
server
Apache
etag
"bab988d64a75ef93640c8ed16e05987b:1526563245"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
26818
expires
Tue, 04 May 2021 11:18:04 GMT
truncated
/ 		233 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b707cea228ebd1afe82a1840449e8c14d79bb62ec828d1ca7c3b6832a6905133

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		663 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
deb959c047f364b4d81eb0b735fd60c7172cb808ddad43546948d90a38ad362e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
carousel_arrows_3.png
i.dailymail.co.uk/i/furniture/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/carousel_arrows_3.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
41704d63fe713fce52941fba264ff01d5e370be6dbdfea89a8f12ce9d48bfa9e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Mon, 06 Nov 2017 11:51:16 GMT
server
Apache
etag
"0293758492e440edc3f995f4887fa0ce:1509969076"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
5373
expires
Tue, 04 May 2021 11:18:04 GMT
spt_previewlinks_10.png
i.dailymail.co.uk/i/furniture/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/spt_previewlinks_10.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b67596bde5f7562faba79125ecebe3ee3b1f53549cc7ecb7020900d839580d19

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Mon, 06 Nov 2017 11:51:19 GMT
server
Apache
etag
"997a5a9a5d3df1bbf8f3a26394515052:1509969079"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2095
expires
Tue, 04 May 2021 11:18:04 GMT
truncated
/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0a9ac514283709cb85750e1a15f4ed549be7d0caa7711a70a3249d15538ac44

Request headers

Origin
https://www.dailymail.co.uk
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b7e7d1bedae2fca5895468c68d7a3f06c5fa573a19fbdc1ea4da51441d59458

Request headers

Origin
https://www.dailymail.co.uk
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
41304822-9433257-image-a-44_1617480559959.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41304822-9433257-image-a-44_1617480559959.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45098e04b5e6f9b032cfbd1c553f5d71b22b547cd1b96830b5818d3ead0d889d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N21UnAAAMOYPr1MRgtilSCNsuR1rfof9
last-modified
Sat, 03 Apr 2021 20:09:21 GMT
server
AmazonS3
x-amz-request-id
QEWR934FQV5F7VJ8
etag
"8d9e86665a3f350c1b39403104b435d5"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
114701
x-amz-id-2
+nJFJHVzvB/b/ZKTq1N9P1FW1YgYkn2FYN/1/XrqqBBbr0juzsnXDYpqvYWDkGeElUuDDyftgiY=
expires
Tue, 04 May 2021 11:18:04 GMT
moatad.js
z.moatads.com/mailonlineminutemedia634421037781/ 		289 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonlineminutemedia634421037781/moatad.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e20ec535cfeccaee25513877a0bed3cb33a988a2e27b4e0bf6ff6a206daa783

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 15:22:22 GMT
server
AmazonS3
x-amz-request-id
90P9Y9Q3Q6J9BR5D
etag
"9f58fae587415f911b9f6d9fc621df8b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=46529
accept-ranges
bytes
content-length
100082
x-amz-id-2
PLVbIjTnIYFJGcZzkpHteMMYsUN8kF4+FScKYTP3H4T/iVjFrRODzTSr7WrmvWE0RA5fTyQa8P8=
gtm.js
www.googletagmanager.com/ Frame 02AB 		194 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a4aa2cd68b993e69b3802b0eba1e616c1dc5552b170fa186070f3d4452abf78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45401
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Apr 2021 11:18:04 GMT
c4e65ff4-b385-d838-b9da-8cc3d8d9dfdb.js
bucket1.mm-syringe.com/prod/configs/ Frame 02AB 		324 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket1.mm-syringe.com/prod/configs/c4e65ff4-b385-d838-b9da-8cc3d8d9dfdb.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e70ca99df457e2c5aeeafbd48285b5b2fa74017ffa35f2075fa3987be6e89e3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9A2quRNt1BJ5vB_XKaOLc2DMsD1.fa4A
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 14:13:40 GMT
etag
"7281671697aea811eccddf0cc064b575"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
date
Sun, 04 Apr 2021 11:18:04 GMT
accept-ranges
bytes
content-length
76119
injector.1.5.3.js
bucket1.mm-syringe.com/prod/injector/ Frame 02AB 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket1.mm-syringe.com/prod/injector/injector.1.5.3.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c2bb1edc83db7e01b582f07603b904542b02338f03433c0fd7e907d7fef1369

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KHVG.I1nmJrWxnRtJSl2y4iWEUR5wRHc
content-encoding
gzip
last-modified
Sun, 24 Nov 2019 14:18:34 GMT
etag
"3a91217800ebe0708f39c65080ffed30"
vary
Accept-Encoding
content-type
text/javascript
date
Sun, 04 Apr 2021 11:18:04 GMT
accept-ranges
bytes
content-length
4206
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=9508230d-a02e-41a7-aa78-a498e2ca8ca0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=9508230d-a02e-41a7-aa78-a498e2ca8ca0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:04 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.153:80
AN-X-Request-Uuid
36e53423-ba19-4fa4-8879-024710bd26f8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=9508230d-a02e-41a7-aa78-a498e2ca8ca0
date
Sun, 04 Apr 2021 11:18:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
41306464-0-image-a-10_1617485023152.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306464-0-image-a-10_1617485023152.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97112f2d4a510f5083a4f99330889201be77a93a6e0bc3d2a3df33403fe23bd5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UH5q8GRK.eMy_.zD1YsOcw_pBsFtHl8f
last-modified
Sat, 03 Apr 2021 21:23:45 GMT
server
AmazonS3
x-amz-request-id
3K0GH1B3KD3DJ25G
etag
"7d8ff9d4bb2907e8bfa5988192c59983"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7405
x-amz-id-2
kQj94/M5Rc0/KbI/K8/79kVcggOH14MKO33UhIlm0aPJso0OUJ+o6q2cszdjkpw8u3CEcFEDBLU=
expires
Tue, 04 May 2021 11:18:04 GMT
41311238-0-image-m-192_1617498131344.jpg
i.dailymail.co.uk/1s/2021/04/04/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/02/41311238-0-image-m-192_1617498131344.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96be7178dd22326f3a84ba23f93fdc28120df5f8e1f47c370dfa0b6bf88e9927

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.yQO3xajOHkmIqbaIERq.H3PEaVNT7qs
last-modified
Sun, 04 Apr 2021 01:02:16 GMT
server
AmazonS3
x-amz-request-id
4KR5NGDF3PVJZFF5
etag
"c5fbcf46016a31ddcabfc0f509214fb9"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3718
x-amz-id-2
NJUkDE9H3LkQrk4faoVppNxmbqGVi+JDsKSvsFDdgCoNmnc6O3+LJ+Z//X+D+MElNSANm6NTbxk=
expires
Tue, 04 May 2021 11:18:04 GMT
41305014-0-image-m-10_1617481245064.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41305014-0-image-m-10_1617481245064.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15eec323fa35b2e0463f42bbeb518c6e938ba98c0986bab9b4bcd70f52c86719

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1ugXXPMCDJ_Qaf8e1UOihEfFdSsp037G
last-modified
Sat, 03 Apr 2021 20:20:53 GMT
server
AmazonS3
x-amz-request-id
F8ZPNWSEW85APXKF
etag
"f5379aad213ed77ba6023c0f79c4feb3"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6464
x-amz-id-2
pGfUy945tBEBSmgeijegF/DrhItcSH2E1FDriZ6/uEH7rzI7JZc+E3qpy+64ZR9SARXJr8LP5Tw=
expires
Tue, 04 May 2021 11:18:04 GMT
41317672-0-image-m-45_1617524816161.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41317672-0-image-m-45_1617524816161.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4a18f241b4b17ac2e37fb8311c9508ddaa29f6e285fbe1a5a18e18271b2c756

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
s7M6iUCbxmQCDT0Xk3Wc.oR2T.sUVQQW
last-modified
Sun, 04 Apr 2021 08:26:59 GMT
server
AmazonS3
x-amz-request-id
KCSJ5FKRKVK17WYX
etag
"aa122fc12ad56d2d54a5358c56b80207"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5914
x-amz-id-2
TaViPjb/ki76UezypJA5x4St9oITEpMQeG9czwMDWbFEMICS4G/dkw0M9ZzcEt4uKvdnOn5oSlw=
expires
Tue, 04 May 2021 11:18:04 GMT
41318240-0-image-m-7_1617524265647.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41318240-0-image-m-7_1617524265647.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c59b9fc4a087e1c846e061f0196541cb6729d80ee3bef29212edc89b03cc7d2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BT6xrF8P_RP50LtjpqtyhnTZltBMe7pL
last-modified
Sun, 04 Apr 2021 08:18:04 GMT
server
AmazonS3
x-amz-request-id
XSX17K58TXWFW761
etag
"e41756e0cd56898d140480bee61b579f"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4330
x-amz-id-2
SMSjScxQeFR7mkiSRHge9+umpKQQj2PVoaFsl1IEc9WX3Wc6UQpuLwwtX9VWci22TklD4iTADKw=
expires
Tue, 04 May 2021 11:18:04 GMT
41298354-0-image-a-30_1617465332150.jpg
i.dailymail.co.uk/1s/2021/04/03/16/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/16/41298354-0-image-a-30_1617465332150.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec67cba0b1358aac92b0b91711573af830379aabc5c0f5c08f0c984f0f739601

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KBFXm11rspDMCnkoiy4UpLfyS5gYrhNo
last-modified
Sat, 03 Apr 2021 15:55:33 GMT
server
AmazonS3
x-amz-request-id
K87FZK86FBZQNKZ8
etag
"497953743b26d43c7c11afcf73e3aba0"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3940
x-amz-id-2
uy9g1V9Zvt8gCfoIXCRucYdMKx1W2ZROf4PLaf6vouFrYix5gMmeXwDC2x5ekKKVwtjaQ5Bf5Iw=
expires
Tue, 04 May 2021 11:18:04 GMT
41307170-0-image-m-20_1617486920089.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41307170-0-image-m-20_1617486920089.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3405f706032b7ca04d1c19b138cc10afaa2cf331757609a1ad4a68784c93e041

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YXKwgx7R_fdWUSyFUmLqWr1itTvJs2iI
last-modified
Sat, 03 Apr 2021 21:55:33 GMT
server
AmazonS3
x-amz-request-id
D7RW1C608VXYR4T2
etag
"13029b31d9fd1f2dfd3ee0451960727e"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6163
x-amz-id-2
HYa5GTyIH/w5LlaorZdcEitxllefeuc/57HGQqHJErCEdulEnb2TO/P5sxKajT3FHM8Amj3sO/8=
expires
Tue, 04 May 2021 11:18:04 GMT
41297314-0-image-m-23_1617461699234.jpg
i.dailymail.co.uk/1s/2021/04/03/15/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/15/41297314-0-image-m-23_1617461699234.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26ff01af76420d9388b57e256db53d0d7100d7845312ff310bbd99aeaef15b1d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LI0VYXN4vNCtylU9PEnA4uCB0Aaz7yZV
last-modified
Sat, 03 Apr 2021 14:55:21 GMT
server
AmazonS3
x-amz-request-id
7THNX44SFQ867QT6
etag
"90415ca47a04f32bf645a83bbf35506b"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4261
x-amz-id-2
4A/w4LEjhrR97rlLNbTfmOFYapZn4qBIMt4YjWHJO9UlvUjXoh72Ufsp1ZJ4Wb12dPT/GSNGzDk=
expires
Tue, 04 May 2021 11:18:04 GMT
41310066-0-image-m-85_1617496756938.jpg
i.dailymail.co.uk/1s/2021/04/04/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/01/41310066-0-image-m-85_1617496756938.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6099bc3bcfdfe836ff8db9fc52bd08c0d2a9a58d7b303bf30f032d2dd94cf8ef

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
svYF6PCXD6mEoZUUUSoTt9Gq7vNxpoRw
last-modified
Sun, 04 Apr 2021 00:39:26 GMT
server
AmazonS3
x-amz-request-id
ZGW694996PGRFY1C
etag
"0e3a99b938e649e4a4512e28d75ca1e0"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6835
x-amz-id-2
2uFEp5FUw0kUfh34HBkWnZVDOIZpg7CzW/BwQtHnyAf96zHGlwDtK9dwMg0q/yQhLoRcIAmfxo4=
expires
Tue, 04 May 2021 11:18:04 GMT
41297316-0-image-m-4_1617485274367.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41297316-0-image-m-4_1617485274367.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70d007dd5f9826526b468da7f681553e7ac87b51aa1e0b60341f1aaba6e6bf48

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jebIHC1Mub5oWM7Z6HB9883UqeaDsBBS
last-modified
Sat, 03 Apr 2021 21:28:03 GMT
server
AmazonS3
x-amz-request-id
0GVFGNP90GYBE6GZ
etag
"bdfecc057c4e09f4af2ce58b22ae832b"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6711
x-amz-id-2
ELp+43LUkRYEIpiNWGpY0jof981fTv645DD1NcfhMWNtCazVGSY/LDSkq8/I7Z2+b9tnSLLJdJo=
expires
Tue, 04 May 2021 11:18:04 GMT
41308402-0-image-a-85_1617490858444.jpg
i.dailymail.co.uk/1s/2021/04/04/00/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/00/41308402-0-image-a-85_1617490858444.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f902ad29ddb82f3c70d61cf7b22284bda74bb3281f964e93d059e91a0a05571

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OGxq0AwQRQo.yXHxN_zHpWNJHrEwkHav
last-modified
Sat, 03 Apr 2021 23:00:59 GMT
server
AmazonS3
x-amz-request-id
AJB426QGPCB2QH5F
etag
"d840b51eabd359356681b7218fe0aae4"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6862
x-amz-id-2
R+LNRLLNOI6L5Q8JmYbnC8DbBnsGCulxq6B/t0Eo9K6Vi2U8khTzt9gAKmaBGo6s9/w6wycqvtk=
expires
Tue, 04 May 2021 11:18:04 GMT
41309036-0-image-a-13_1617492700724.jpg
i.dailymail.co.uk/1s/2021/04/04/00/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/00/41309036-0-image-a-13_1617492700724.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ff6b77df58945bb220e06384bee1aa5748c34136f5e4305e48494bf97508736

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bVLekR6sMCdYnCauTc1Afk4HTClNApBI
last-modified
Sat, 03 Apr 2021 23:31:41 GMT
server
AmazonS3
x-amz-request-id
PZDW5WCGFDJQW48G
etag
"d238b7c6158052251bc7387084c101fc"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6161
x-amz-id-2
5vaW5Xf+RuaJTbkPZ8B7+EfuHZW4bjKB2lXa4Ff9rCk+70oryUQmY0foHFW4MUDkliafiMz+U94=
expires
Tue, 04 May 2021 11:18:04 GMT
loader.js
cdn.taboola.com/libtrc/dailymail-row/ 		414 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.38.9 /
Resource Hash
6b6c3aeb8d08d48ff373c1797490750f9b8c123e7576e2841d159464dd26ea32

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
isEvSx5Gx_eO_fbgiWhKQxgwI2XfY03A
content-encoding
gzip
etag
"2b9c36314561dfe2e43b331fcfb41b828ca4545e"
age
8705
via
1.1 varnish
x-cache
HIT
x-from-cache
1
content-length
38862
x-amz-id-2
IfCKYm/X0v4nneR/jbVGYXoVwtDL1fCUDBhYYqczBe8CmF1qJY779c+ALPmvzc3Siur5zkROOEI=
x-served-by
cache-fra19121-FRA
last-modified
Sun, 04 Apr 2021 08:40:55 UTC
server
obaker.93.1.2-11.38.9
x-timer
S1617535085.592842,VS0,VE1
date
Sun, 04 Apr 2021 11:18:04 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
JDVBJEARV4N6D10P
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
6
x-cache-hits
1
comment_ticker.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		85 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/comment_ticker.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.0/rc-main--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
541c63ae81fe7799a19523dc8f2500646043eaa70d36985c3f2fc86264e4e71e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Tue, 28 Feb 2017 12:52:42 GMT
server
Apache
etag
"18d36c5e83cfde23a9f5103f33f6ad32:1488286362"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
85
expires
Tue, 04 May 2021 11:18:04 GMT
spt_socialicons_40x40eachbttn8.png
i.dailymail.co.uk/i/furniture/articles/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/articles/spt_socialicons_40x40eachbttn8.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
1d188cadb253c70a5a87ebdcea65f7407044606b5c4cf2ca9891970161aa9232

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Mon, 06 Nov 2017 11:53:19 GMT
server
Apache
etag
"d5fb4ae159a29d51d27aaf551c71298a:1509969199"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
8735
expires
Tue, 04 May 2021 11:18:04 GMT
ns.html
www.googletagmanager.com/ Frame 744C 		266 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.googletagmanager.com
:scheme
https
:path
/ns.html?id=GTM-PL4PD49
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
*
date
Sun, 04 Apr 2021 11:18:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
server
Google Tag Manager
content-length
92
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
41309332-0-image-m-184_1617493339626.jpg
i.dailymail.co.uk/1s/2021/04/04/00/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/00/41309332-0-image-m-184_1617493339626.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd0d1256c7eabefeacb54f07bc1c3105c39d6e13f407ba8d592e065599d4e753

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LPLxDnJftOyzKb9b2jdIcykbRw5_zFPm
last-modified
Sat, 03 Apr 2021 23:42:20 GMT
server
AmazonS3
x-amz-request-id
YYH4WBYJM14MDZTX
etag
"871357637dcce2487fc0b57bf949ab93"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5396
x-amz-id-2
9XwAKDzGrTaNY7JcDLv/BUyy5K9goMvDohL0YX8xTnRagvv6yRdFEjYQlozYeLuskMmVINgsyo8=
expires
Tue, 04 May 2021 11:18:04 GMT
41309664-0-image-m-12_1617494205327.jpg
i.dailymail.co.uk/1s/2021/04/04/00/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/00/41309664-0-image-m-12_1617494205327.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
728c02f7231714bc38e7c69fdffa51497df077d95ef7215fbdcd0b411a156914

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CDhH1VGqlsoCiwlQYEtDwPpUapLaxBN6
last-modified
Sat, 03 Apr 2021 23:56:52 GMT
server
AmazonS3
x-amz-request-id
YYH0DW83N596W085
etag
"f10df3b67a402399a89b97b3c35b3f96"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6219
x-amz-id-2
/maYZq/m5aSqzEnOqLRGs69GdvOfcDxmuapqZl3EfSgoDWaDH3I390XAV2HdMqTGL0UYXK2kFsE=
expires
Tue, 04 May 2021 11:18:04 GMT
41318598-0-image-a-13_1617525256477.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41318598-0-image-a-13_1617525256477.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c1c30b6f5257e78acb2bf032ba7f732d2a4ad09eceb9787e7ed02fcbd31344f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
J9fNNREKvL366G0qd_0NOn_sEZdO1tzU
last-modified
Sun, 04 Apr 2021 08:34:18 GMT
server
AmazonS3
x-amz-request-id
WQAQ9R2BVMSEXEXW
etag
"4f33b35668de1b88b87d1da148206a20"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3376
x-amz-id-2
nykFp4YfcSYY96g+5pg+vwl2jKtR2tD1sN9MYNofq+YkTCKYDM0vyxUTf3XwiiffEuTJa/enKjk=
expires
Tue, 04 May 2021 11:18:04 GMT
41306584-0-image-a-7_1617485159408.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306584-0-image-a-7_1617485159408.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a248c60e250f1fc75ca7229090ca196bf899d02ebecf41ee33ff5a493b241827

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XhjTXIXfHXAuyhyPxX6HGgXYPfJBLPl.
last-modified
Sat, 03 Apr 2021 21:26:00 GMT
server
AmazonS3
x-amz-request-id
G1N01N1KK0QG5A55
etag
"a1b4dfb4803a54ddd062e6f54a42d53e"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4422
x-amz-id-2
XqTiQYg9BaWYriI583p/KPDKMKWxja5xPRSRcEEyKSy1lCxryBEdnAKe9tHTMnNvNvDAzSL8lBA=
expires
Tue, 04 May 2021 11:18:04 GMT
41130034-0-image-m-25_1617114833996.jpg
i.dailymail.co.uk/1s/2021/03/30/15/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/03/30/15/41130034-0-image-m-25_1617114833996.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60138a5c8d27121855ef3f7fd10d051c66280b5fdb007f963761aeb8599e82e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
u5lHX2kBL0hnV0Ep5hESlj2Dxp9FFPIU
last-modified
Tue, 30 Mar 2021 14:34:03 GMT
server
AmazonS3
x-amz-request-id
PFPHQ1K79G2HQT85
etag
"8301b21235386bdb3ce28a85584d0a4c"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7885
x-amz-id-2
JqbGw6Stdnzjt9Yj6nYN5OKXrMLWEp8dJKy87bTnXIr2DlwQViPaMlgxEhhCACLMLGkEwSEaKkQ=
expires
Tue, 04 May 2021 11:18:04 GMT
41309134-0-image-m-38_1617492935132.jpg
i.dailymail.co.uk/1s/2021/04/04/00/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/00/41309134-0-image-m-38_1617492935132.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4baed4a6c81e1ac045be6ea45b4b5ee9e7ecf47bb6b956800c3a835c79580c7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1LkhhXcoQ47TerobMOpTqiDB24clJSVX
last-modified
Sat, 03 Apr 2021 23:35:42 GMT
server
AmazonS3
x-amz-request-id
EKFM2DB5J9M51WFH
etag
"20d756a337fff96dcebc8527d6e3dd90"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3410
x-amz-id-2
9+wls9To/PiknOdjUyVocr2sbfZ4TaouHR+SLyFe+GTtA0CKDmfa0gv6JkPzXevV2VDTcYNGK+Q=
expires
Tue, 04 May 2021 11:18:04 GMT
41306286-0-image-m-137_1617484474336.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306286-0-image-m-137_1617484474336.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2cf0b19c5fa7e1b24d08654efb1c5dbac9d1b43b5c328249cc07f94698b8486

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
V32Gv3ef4Okq0jWNj0GLZivOp6nkM7dm
last-modified
Sat, 03 Apr 2021 21:14:40 GMT
server
AmazonS3
x-amz-request-id
ECB8VKMWHNCF86T9
etag
"c4b3dc012f1942bb646d45a408bcd52a"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5395
x-amz-id-2
RIBBTkChulC5lWGZbF8Aqm0CLcx9KG2u2Cwrizm7aRoHJbDtAE6qN+kagHb2+YyZbqNcAS3LA58=
expires
Tue, 04 May 2021 11:18:04 GMT
41305888-0-image-m-71_1617483409972.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41305888-0-image-m-71_1617483409972.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f6053246a777a7c3bc9cb967df3ca25581cd7bf8858fdb9e1a53c4d12db8538

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rJ8dbY4ggvl8_TFASSAmoyRPzoIjpb3l
last-modified
Sat, 03 Apr 2021 20:56:51 GMT
server
AmazonS3
x-amz-request-id
5GT3CRYEQGD0HQ3J
etag
"32d8caf2a190d1feeb1127e8f4f65732"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6314
x-amz-id-2
qG33IKTHUltV/RgZ03YzQ9dL6e3zXF7ue9O6i+WSusBY087qq3I/7gxwdNmLi2IXYpi70kHv+JQ=
expires
Tue, 04 May 2021 11:18:04 GMT
41306130-0-image-m-37_1617490998529.jpg
i.dailymail.co.uk/1s/2021/04/04/00/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/00/41306130-0-image-m-37_1617490998529.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
779ae77fde625f9424d17e5f1907631632e768d25f99e57336f9b33018e918c8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BYWTao67EvJTnmf1vxVrGcBsrgjo9R.d
last-modified
Sat, 03 Apr 2021 23:03:23 GMT
server
AmazonS3
x-amz-request-id
BP3QWYJ6Q2SFZRQW
etag
"41c01c5aad95b9448b4a406491f19422"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
7334
x-amz-id-2
U10XVy3cC4erGXuxE2+B+15pCtBcJNk2C7hR3zZ3UDKQLRwInx+BMPPNqQyr4MfXLZxyTNQAt7M=
expires
Tue, 04 May 2021 11:18:04 GMT
41316922-0-image-m-14_1617525124327.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41316922-0-image-m-14_1617525124327.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90aa84bceedb083457eaabf7698bd9e9c9772115382745a9f106e42eb59e43fe

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GZuVO45MTkQQVJk6ivD9SJ_iuZid1Jls
last-modified
Sun, 04 Apr 2021 08:32:10 GMT
server
AmazonS3
x-amz-request-id
SE07XHTS5D0JV80V
etag
"acb92f28e8ed9010fe403ed83a1722f0"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5968
x-amz-id-2
qhspWT3eJ2+cYsaYdHaZvtaU3Y5xISxFXbO4Z3NMGwNLzZCU4Y94z3XWI65MEMaQfZp5uhauc6I=
expires
Tue, 04 May 2021 11:18:04 GMT
41320058-0-image-m-12_1617529873226.jpg
i.dailymail.co.uk/1s/2021/04/04/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/10/41320058-0-image-m-12_1617529873226.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fa1ee6b20ea378058e4f8267ab158f8a07214d39e2a98d600783f7ffc026ad2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zjN5TTteQZHdK0vl.zqtZZ1N6M2SAF94
last-modified
Sun, 04 Apr 2021 09:51:16 GMT
server
AmazonS3
x-amz-request-id
2582JEGCE88RBBWF
etag
"4f306dffe893d0273d9ea99754cbee70"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6800
x-amz-id-2
clq2vPYlPCu+JfWdVxEmRCTHw25FazVHcCcZhpclkUf9AZLLTQRSLC7Gx3LyPd6/3kpSvSSwdCk=
expires
Tue, 04 May 2021 11:18:04 GMT
41306104-0-image-m-17_1617488643876.jpg
i.dailymail.co.uk/1s/2021/04/03/23/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/23/41306104-0-image-m-17_1617488643876.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28dbb73afe4e6cf6a041a7f01f257aea82db2919d937c3b40eac5f87284c76de

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ofajTO0tJVxheXrAK6Dm3aurjFuEjOAz
last-modified
Sat, 03 Apr 2021 22:24:08 GMT
server
AmazonS3
x-amz-request-id
DC1XZAM4W954NDNC
etag
"9a62fb3f76c834e0084b6fa0d59043b5"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5659
x-amz-id-2
BCGDeQhvE1CsElwMwgG3R9ze3wPwC+dquYP+IbdsCFoduBMCV79KjfOWOIOY+DMp4Alep+m2jR4=
expires
Tue, 04 May 2021 11:18:04 GMT
41305704-0-image-m-30_1617482921801.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41305704-0-image-m-30_1617482921801.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2082a8d84c8d27a07801a23beb6a1647f18397bbcb66f4c218572eecae5bd63e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XThZijpTPR5pXEG2C_8pzJVUgfHRQB4c
last-modified
Sat, 03 Apr 2021 20:48:50 GMT
server
AmazonS3
x-amz-request-id
2N4P5TD8J06GT5JR
etag
"9950fc8b5893d52106ccd8b757d4e762"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
4320
x-amz-id-2
vZ6y6rYO6J2FCE1/mEV5ftvXuHaEgo+5ft5f+9SShFWLyTJvdRNxzX7BDekKhO7Xaq3MSHX67m4=
expires
Tue, 04 May 2021 11:18:04 GMT
41311148-0-image-m-129_1617497984686.jpg
i.dailymail.co.uk/1s/2021/04/04/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/01/41311148-0-image-m-129_1617497984686.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
889540750e7ac30e8dd3afdf90ebcc13c9860a26309cefa4d8a92d319c8be010

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dFfawvQFT4_gZDUeaChx2O3ffwXboJMG
last-modified
Sun, 04 Apr 2021 00:59:53 GMT
server
AmazonS3
x-amz-request-id
8P054C1QF62VF90B
etag
"1ff83411682a56dcfa078f4fade3d50a"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5059
x-amz-id-2
Aqn4DU7Igof1sunC8gIP0iG3ggM4jinTMboAXqMmn81MIdxVi+My5ZdzMhLUm+XosVoA5XgkDS4=
expires
Tue, 04 May 2021 11:18:04 GMT
41308044-0-image-m-123_1617488936240.jpg
i.dailymail.co.uk/1s/2021/04/03/23/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/23/41308044-0-image-m-123_1617488936240.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17246a32f2ac24f44938610240902d157ddc7687a13a12e42ad4eae9e0c2da4e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
K4aARvYlkOd2ZBkY3oRcSMTmL4HnXNDI
last-modified
Sat, 03 Apr 2021 22:29:04 GMT
server
AmazonS3
x-amz-request-id
GH4SCV7YEDMGRESS
etag
"56de5fd93a1d085ff9ab39565ca23289"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6708
x-amz-id-2
hmLw8POtYiAwNaDixjhc0l6RnoW77E9cGawqawbwinR3W3gTBR7vXyEu9rzQXaFn9mKg4XHZ7cI=
expires
Tue, 04 May 2021 11:18:04 GMT
41308292-0-image-a-26_1617490142971.jpg
i.dailymail.co.uk/1s/2021/04/03/23/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/23/41308292-0-image-a-26_1617490142971.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0df474e48707b28278d81205847fae75d40cf513fda5e4809a994a83e456edad

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
o0OVPvk.pyYzML0RN3UBoEhWishBq1gV
last-modified
Sat, 03 Apr 2021 22:49:04 GMT
server
AmazonS3
x-amz-request-id
9HTV394HR6M0GKZ9
etag
"d00565b05cb90ca113a9885209e4dd0d"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5639
x-amz-id-2
QCbzKKgzMWiohPfcJexvAZ6gkUBYqJQcPAsA83NzGG1w5LNI7yThQcCb6V1UU6zPHD76huvhcf8=
expires
Tue, 04 May 2021 11:18:04 GMT
41318650-0-image-a-6_1617526516689.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41318650-0-image-a-6_1617526516689.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c0d3b58108bc05d9f3405648f97898f2f97c9e1baa4da97e76d66118a8dbf01

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SOyKnOdtIAUOfPdWpMHuwAdFhvz0Z7IE
last-modified
Sun, 04 Apr 2021 08:55:18 GMT
server
AmazonS3
x-amz-request-id
8V9MH7XPDTR93G4J
etag
"e57aef35215e11a044fe47b675ceb06b"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3103
x-amz-id-2
bY52weejFFuGRGBXDjRNL+VQvw4XViUhW7nh+SATV/EfTOs2zZK874i/2EUGz+a4XxmrVNMQns4=
expires
Tue, 04 May 2021 11:18:04 GMT
41318966-0-image-a-14_1617526656141.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41318966-0-image-a-14_1617526656141.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e7ac1b05d3a0e1951a4b9c99237993e39ac7b1f4f2c74f4bd6b45b7955ac8c4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9wA1ff_7pLbXbvy8ilsCmIntSUDu8RLt
last-modified
Sun, 04 Apr 2021 08:57:37 GMT
server
AmazonS3
x-amz-request-id
7R6256HYT5NQB3GH
etag
"ac98fffa72e0191f7f72cb92f48c3b6b"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3642
x-amz-id-2
IUf+jOE5QWx6yYN2rpFtnHGw2fS8NCP8U6ItBCDXznOPkS6kwASjhlssXjleCI9B72vKZoUR+ec=
expires
Tue, 04 May 2021 11:18:04 GMT
wire-41316020-1617516191-385_87x84.jpg
i.dailymail.co.uk/1s/2021/04/04/07/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/07/wire-41316020-1617516191-385_87x84.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97acdc3bab97ff75b946ab8a172ceaefba5f82532ee80cd7d6f2496f71e01c7b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1NbIck5V84yiQqlpXwtkmrq.qtyFuHKv
last-modified
Sun, 04 Apr 2021 06:03:12 GMT
server
AmazonS3
x-amz-request-id
F5K8RGQXN2889ECW
etag
"205ac1f9c3e37c8e7d3002fd376c79e3"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3400
x-amz-id-2
ONqKxxFLUdKiG6NaMPJgPDHScrBmkAlyRcJv2/e6neWrlFjSFuKcT3wAZiDDQ4Uvu2ob58Am7qE=
expires
Tue, 04 May 2021 11:18:04 GMT
41319368-0-image-a-38_1617527692052.jpg
i.dailymail.co.uk/1s/2021/04/04/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/10/41319368-0-image-a-38_1617527692052.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97f9eb3ea2fa356378693614e0cedd121e5c1e869c1d285105e0cbdcc97f8c61

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PgRy4_1G4rR5vUvnh9YpSC03qHg_X2su
last-modified
Sun, 04 Apr 2021 09:14:53 GMT
server
AmazonS3
x-amz-request-id
ESR7S68ZJFXZ90WC
etag
"9ea9daf3d598e31466336f035b929dfe"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3024
x-amz-id-2
QUuUwgc9u4vWqUr3F/oPRbXS7okJrikrP7rsSkPWZ8LqB3pU3nlTyNlCBUWl6qfMsttWgePtFMw=
expires
Tue, 04 May 2021 11:18:04 GMT
41306870-0-image-m-38_1617486483271.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306870-0-image-m-38_1617486483271.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4669faf24764bbb677af6cf1fe50f73e2e125835613085937ec06863dc31984

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sB1B4UeaEnsDEXGiXYE2FI6WJaXpcNFS
last-modified
Sat, 03 Apr 2021 21:48:18 GMT
server
AmazonS3
x-amz-request-id
37YWGH4DVEY07Z0Q
etag
"d322f8a587865de06789ff8f73d5fb76"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
2962
x-amz-id-2
TP+WQcFdZqvz5lJhiG6Hvo1fDlPQGFCl4f+xJqyY991FohlI5pHbYkOR/h08qzDPRXVClJ/+mBU=
expires
Tue, 04 May 2021 11:18:04 GMT
41304392-0-image-m-44_1617480104709.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41304392-0-image-m-44_1617480104709.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf9ce6944d915366d231c130c05f9844afe92167b177eb0d4ed8183bc44979b6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
P.2camHMIFvZbtLsTYB_B.Dm47NIlBRF
last-modified
Sat, 03 Apr 2021 20:01:57 GMT
server
AmazonS3
x-amz-request-id
5ZYGYJ6TBGA8KDCS
etag
"cb54b68fdd5052a2b3c5341a86e94aca"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3279
x-amz-id-2
d6yojYj4i7X28wfBNp0QKe6FkxyKphDpndSkb5CMmR7ZEhP5lw4kkGPlVSmjYKszKeliixJGtmc=
expires
Tue, 04 May 2021 11:18:04 GMT
41311090-0-Tory_MP_Robert_Halfon_said_The_whole_purpose_of_children_learnin-a-130_1617498266535.jpg
i.dailymail.co.uk/1s/2021/04/04/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/02/41311090-0-Tory_MP_Robert_Halfon_said_The_whole_purpose_of_children_learnin-a-130_1617498266535.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
941c36edb9a6a43cca26d7fb1e92d0aff913058fba43469e5f8eb9b1a5c6fb8c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7wdGkNbr7s8KJ3zJveHVzuoZzADm4oDk
last-modified
Sun, 04 Apr 2021 01:04:28 GMT
server
AmazonS3
x-amz-request-id
743660J9WZFAR99R
etag
"91ed6fa79ec16a2079de980cc1a4919a"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
5872
x-amz-id-2
4WoWFB4weBbFf21/sVxLywr6mbqI+DUGHIeSRiIqpitrDVBstXuVsmAj9ZGxvLy5mgx9JXjLd+c=
expires
Tue, 04 May 2021 11:18:04 GMT
41306462-0-image-m-115_1617484927900.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306462-0-image-m-115_1617484927900.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
947d49c2f15dd40975160ab20c3e704132a1544d0e68938c15035b8a1ea82178

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jFXA1ZbcDFBZB3AU84XzFC13yX9vQsPm
last-modified
Sat, 03 Apr 2021 21:22:38 GMT
server
AmazonS3
x-amz-request-id
SEEAXCP7281W49AH
etag
"0a42388490305a1d4c9899ac45953570"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3974
x-amz-id-2
P+3W9NKqIyCJ/3T0GmFZMVfepZmkM3RvPsdJBO9gL8BF6jaYp7yDPOkzwZUJXogkaqHP5rn+P2o=
expires
Tue, 04 May 2021 11:18:04 GMT
41302066-0-image-m-48_1617478896091.jpg
i.dailymail.co.uk/1s/2021/04/03/20/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/20/41302066-0-image-m-48_1617478896091.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55813cc259063978ae7f1b5ea43cfbaf6857cd9f837cf06db5f4f3e015a4c86f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ucPVB06JXgHqTNyGKJt_O.6cBpSgxTRV
last-modified
Sat, 03 Apr 2021 19:41:35 GMT
server
AmazonS3
x-amz-request-id
FH0J0PP9QNED26FC
etag
"a921aee6136dbed45f989efdcf0de306"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6798
x-amz-id-2
A4FUyc2GRw2pAAeJgYePkH03Nj2NWOawwpN2ubt+RzJdNvsLn8hYKeJ6fZ86fOIvdpeOlPo4T/g=
expires
Tue, 04 May 2021 11:18:04 GMT
41306034-0-image-m-18_1617483897696.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306034-0-image-m-18_1617483897696.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d6ff7e69a19caa9c2930ec6978663da3b4a94d3422c1c286daa98e5cce1e74e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QdZaxF_imLrZ2h19blLUV4QeBenMI7eX
last-modified
Sat, 03 Apr 2021 21:05:06 GMT
server
AmazonS3
x-amz-request-id
MMDJ0DB9D14PCEXA
etag
"8acae9f9db2deb0226bb707a77a74131"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
5974
x-amz-id-2
PVpxwN6MKch/yAxtHmsTOh0Lfn4eGOI7WQzbGoYAE2dKFe3x0novUilsKOG05I9kgts8XkFoWcc=
expires
Tue, 04 May 2021 11:18:04 GMT
41297838-0-image-m-37_1617465453070.jpg
i.dailymail.co.uk/1s/2021/04/03/16/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/16/41297838-0-image-m-37_1617465453070.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a79dd18593631fce35ed3a979ea59cb8fac40208725cef4aa57f158c635a2712

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XXRtyTeGG4zPs34eMoqu0efIIGmzt7s2
last-modified
Sat, 03 Apr 2021 15:57:38 GMT
server
AmazonS3
x-amz-request-id
G4BD1MSWF5DC28W4
etag
"265788390879a05c80b23e9794ea8222"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
10424
x-amz-id-2
iuwnlVENAB+PyjaPBxfeoWd6hs9XCBicWCntJAG5V5YmAKDRkkwlTmK8O6ICzVfL1oiS3zGSt+0=
expires
Tue, 04 May 2021 11:18:04 GMT
41310286-0-image-m-53_1617495382995.jpg
i.dailymail.co.uk/1s/2021/04/04/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/01/41310286-0-image-m-53_1617495382995.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a1e21578f9b56d168f68181d4488d7a3c98a5463f7feac235c8d1e55bd467fb

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
D2bvJZoJ2Lq.upCwSkssRnwAboPshWtj
last-modified
Sun, 04 Apr 2021 00:15:51 GMT
server
AmazonS3
x-amz-request-id
5ZZ6GQ863XCWX2Z9
etag
"9f070dc5fc489d1f0dc8190613e3af7d"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6165
x-amz-id-2
nAAqFQm0YiN/SjRLUYzV40cqSNyT/rshR8kL27T2oOOMS3o4VFvJXAhQUBfC6xIjyrx00xRmdI8=
expires
Tue, 04 May 2021 11:18:04 GMT
41305884-0-image-m-10_1617483368072.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41305884-0-image-m-10_1617483368072.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b55a5f118dd00bb2769aaa6011a6b6450a3334511f79503fad6815fd0125658c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QnnR92vvcFoe8Rm70kZ_uR4MJNOQJ2s.
last-modified
Sat, 03 Apr 2021 20:56:17 GMT
server
AmazonS3
x-amz-request-id
K87CRC6JBHNYF9A1
etag
"1af7560d8f4b81ae8e365d0fff93b4ec"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
3256
x-amz-id-2
R1EUieCaNFSYjWEZ6zoAP2VCAEpHdHXEL5qEh5Cqu8k0Rm4Cf/ik8txZiVrCRhR2sHyBL4Z29Vw=
expires
Tue, 04 May 2021 11:18:04 GMT
41307798-0-image-a-161_1617488160026.jpg
i.dailymail.co.uk/1s/2021/04/03/23/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/23/41307798-0-image-a-161_1617488160026.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a705f03f8484b84122e2a86b2b2d9c68d27e5b3030ffb0602f3b104ad16d9c6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jwrkXEYCUvWAjtTMoe.kE7e9eg_3vflB
last-modified
Sat, 03 Apr 2021 22:15:57 GMT
server
AmazonS3
x-amz-request-id
PD8FE49K3NADV14H
etag
"114364f1a0357136afee701439a1e900"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6141
x-amz-id-2
TS/dJX8VALscyGqEiwD8l+u0X+7SKH9hAK7O8zPSJo154Y2vBaSJOs4GolZR3NnmUoHiQOirzgg=
expires
Tue, 04 May 2021 11:18:04 GMT
41306642-0-image-a-94_1617487143320.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306642-0-image-a-94_1617487143320.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d568d854b45250d11c0aaf696fbdc55eebed077f5323fafdc7a927fe154261cf

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JUXz..1L2uA0fl3fkmF3MJEeOnnWzsOZ
last-modified
Sat, 03 Apr 2021 21:59:01 GMT
server
AmazonS3
x-amz-request-id
TAB7X6PP29Q4CESS
etag
"1d40e0f534e6fa81d942b0a6ce18f1dd"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3046
x-amz-id-2
Z8h/uxi3UU+PPhvgpSdipMV34A4E5SHhOBvet8jSRLUd+ILZ2BdkXOHDceOv9j63paDxaDwtaQ0=
expires
Tue, 04 May 2021 11:18:04 GMT
41306096-0-image-m-18_1617487617524.jpg
i.dailymail.co.uk/1s/2021/04/03/23/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/23/41306096-0-image-m-18_1617487617524.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed1a60158289510f2d8026d80faada61db3dfc4beedeb02c1d84508aa5b4cfa3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OnP_pZqDyE_pPx1.MB3rO6V4sziULEnE
last-modified
Sat, 03 Apr 2021 22:07:04 GMT
server
AmazonS3
x-amz-request-id
BP3QZXNAEZCZH0NA
etag
"c55cb7b9405917ebfe49778f38131a51"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7004
x-amz-id-2
N7v8xF+EicaeouIhtck0qGtgJ4joxnqJk1IYlcSEGTnuSegbgeIVw1l58twiOBgp3197Zmbm14Q=
expires
Tue, 04 May 2021 11:18:04 GMT
41192196-0-image-a-101_1617495716105.jpg
i.dailymail.co.uk/1s/2021/04/04/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/01/41192196-0-image-a-101_1617495716105.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6646d4d6d703fcd5818a1b97200deaef6126e1c04f7288f7add8c27fbfbacf4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jJ2qDF_U.d.TayD5MmM1nVa.IpQ2DjG8
last-modified
Sun, 04 Apr 2021 00:21:54 GMT
server
AmazonS3
x-amz-request-id
8PFQ5SKQ69A0Y7MP
etag
"e2c777c0f1745b9778d7607c739470a1"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7374
x-amz-id-2
npjhERMTTts9mi21yVN1AmhdecZmFUhznIM278lUXCEccc8Yrdgau01dblPviU5mrdonLTWN+Pc=
expires
Tue, 04 May 2021 11:18:04 GMT
41305886-0-image-m-97_1617483487264.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41305886-0-image-m-97_1617483487264.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40ce35da02472502946f52bd3a4606bac134e84b742dd5e2806fe4c3d6b29a5d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
WwYRx2TASs9ayVZYI3iXAU8Ez_0wdMmP
last-modified
Sat, 03 Apr 2021 20:58:30 GMT
server
AmazonS3
x-amz-request-id
5GTBEDBS55V0J323
etag
"b8343d7e1556bb30a35408002d377867"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
3243
x-amz-id-2
pSn3MB9ZDjzvZ2FcUGzZesioIhktbe9+BHSY3f8Cis8puWecO7E3/4yGriTZ2m0UXx1nJ0cUDww=
expires
Tue, 04 May 2021 11:18:04 GMT
41306188-0-image-a-19_1617484084349.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41306188-0-image-a-19_1617484084349.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2eed9b7c16402eac9ec64a4ab267b9bb55c1f3c8bff146eadf9eb792217f1298

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BXorYVrFnB7IiB0ShV6YcBU9ErKEr4yb
last-modified
Sat, 03 Apr 2021 21:08:05 GMT
server
AmazonS3
x-amz-request-id
VB9A7R6B2Q9HG0BF
etag
"ae376746231f78184a7a607e871d4606"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
7029
x-amz-id-2
bRVEptpfNTzEfWAjNzEivqF3kkFja4Er9bckefT/BNr2ue7yDEWJnvBUNk5RXcgchF8VwGrA+IA=
expires
Tue, 04 May 2021 11:18:04 GMT
41304926-0-image-m-9_1617481493328.jpg
i.dailymail.co.uk/1s/2021/04/03/21/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/21/41304926-0-image-m-9_1617481493328.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7088fa340808f8e3f32dd6ee985f1585ac57d0147d4de29af1891eb5ec848a30

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7zKGyf4wNjmBRfoYPz8iISmIvjT_ogti
last-modified
Sat, 03 Apr 2021 20:24:57 GMT
server
AmazonS3
x-amz-request-id
0TCT519NGAXWA2FA
etag
"28f8e26ac3d46678713a48084c4e0910"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
2763
x-amz-id-2
zKNhgx0qqBNqM7+FQ8JN2BmImpT/gXEDZH3/JQQ0+Uyj3ek1ad1WSAVlJ0bxPej+GX8S58utiGs=
expires
Tue, 04 May 2021 11:18:04 GMT
41296242-0-image-m-32_1617459001463.jpg
i.dailymail.co.uk/1s/2021/04/03/15/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/15/41296242-0-image-m-32_1617459001463.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c6fea22bf52f9e1d41ebb8a9196e44a48712f944e26f1eaceb9c3bf705794f1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RX3ah5yoZ7xn3.h1435.nYDCYKhyoOxq
last-modified
Sat, 03 Apr 2021 14:10:12 GMT
server
AmazonS3
x-amz-request-id
PZDRH1QVWDAY6FMW
etag
"d08eb81e056c7dada28a17d2e44f2246"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6538
x-amz-id-2
n/G5/skCYnVPVqb/0PDEKZGidRIfVU0EFcYrnd9WQuRKrV2Z7fDw41uMgeC2MiDrem0o7o6BQcA=
expires
Tue, 04 May 2021 11:18:04 GMT
pubads_impl_2021033001.js
securepubads.g.doubleclick.net/gpt/ 		288 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
990b8aed006156731e08e68ec85706ebcf592462536e4374fa58a57fdee1c055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 08:37:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103184
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:04 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
30568
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 02:48:49 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
hsHFv0PhHbnYfhqRfmBpMLPr5Q8I_FdxGdr9uVjQYVaJYE6zmcPiDg==
adsm.macro.rmb.js
macro.adnami.io/macro/gen/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: macro.adnami.io
URL: https://macro.adnami.io/macro/spec/adsm.macro.4111597d-dc70-4fd8-b25e-7d24d8423e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df622b080094d3402f87b5cb36b85a177c20f919c3ba8e31157a80095a685ce

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
0A8cGfkGme5t+RC3HJFvlQ==
age
5562
content-disposition
cf-request-id
093e33c10300004ee5eb385000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 29 Mar 2021 15:35:47 GMT
server
cloudflare
etag
W/"0x8D8F2C8533E931A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
78b00824-001e-0094-11b2-244b15000000
cache-control
public, max-age=14400
x-ms-version
2014-02-14
cf-ray
63aa22480a724ee5-FRA
expires
Sun, 04 Apr 2021 15:18:04 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22billBoard%22%2C%22s%22%3A%5B%222000x1200%22%2C%22970x250%22%2C%22900x250%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
K9MayANKlkGfvGjC2nLUD3D2QNEvfBLvkWlZ-C_19LpOhmWXV-NN4g==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=1&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22inread_player_top%22%2C%22s%22%3A%5B%22480x270%22%2C%22636x1%22%2C%22480x1%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
cw70uRtoz4pM5dAphIqnI8XeVa3EF40NVrilB3K_t2ZSixHI-7Yr6g==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=2&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_top%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
eiLqClx8RqyjgqRhW5RuL8wFISI6HWGLHVP9qPyjBYkhQj0SZeApIA==
hit.gif
uk-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=4637&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&dom=www.dailymail.co.uk&r=1617535084826&pvs=1&pvid=kn32mja21xjmvmjzu65&c=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
dotmetrics-hit-status
01 OK
server
Kestrel
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
image/gif
x-amz-cf-id
-7pYGwCSok0tBMpdjnnju7-3DLzVufSmUKxiLW8Gr7M1FoCl8C132g==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5887b03f44a197fcdc5400caec10de1c69f29619c1fdc868d4d461130e0f9efc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
spt_rndcorner_4.png
i.dailymail.co.uk/i/furniture/corners/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/corners/spt_rndcorner_4.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/gunther/17.14.0/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
be6aaae29a207bdea28a1e545c6f5652abcd30845290ec990892805c895d78f6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Mon, 06 Nov 2017 11:54:17 GMT
server
Apache
etag
"8709d0e0c6ea65aa87db0884a31b5355:1509969257"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2998
expires
Tue, 04 May 2021 11:18:04 GMT
truncated
/ 		504 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a745591034534431b4e5e32815599cef3101631f9e6a9052a687d96dac1a3ea

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62675c01ca7a9e7af102c699f55fa970eee7f0106984839722e018e733744c03

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		996 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f650676047609c72f3c893b13a7148916bb0a9a5ff1f6ca9c531d07038ba31ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		868 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4717410c1ef684a572d4662c8bc6860a753e6ea7e9640d699c4f2a0e4d08c9e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b27cc2654c00d737f49cb68b74ba7893c151612b1ad52543f4691f67db0cdf97

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401367413466420&ev=PixelInitialized&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&rl=&if=false&ts=1617535084857
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 04 Apr 2021 11:18:04 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1362808030&utmhn=www.dailymail.co.uk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3639451-1&cid=963463219.1617535085&jid=282724631&_v=5.7.2&z=1362808030
35 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3639451-1&cid=963463219.1617535085&jid=282724631&_v=5.7.2&z=1362808030
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 04 Apr 2021 11:18:05 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:04 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3639451-1&cid=963463219.1617535085&jid=282724631&_v=5.7.2&z=1362808030
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=3&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22half_mpu_top%22%2C%22s%22%3A%5B%22300x150%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
hj7oKA8jWXCn8D3-MWvrST2z0rhNMTDIdc8ime7mFhmvkuEdPrlXqA==
impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
cdn.taboola.com/libtrc/ 		473 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9915cb993f478467f5553d1870d367d6a174337f6691e5298c26977c392d067c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
234nJrNPWJCJ8vAMG7kaq3YpiIvfrcq4
content-encoding
br
etag
"461c8cd9f6f099c664c29b24c1c29aab"
age
27875
x-cache
HIT
content-length
111201
x-amz-id-2
K5Olxgi8rLSHRF9f/czrEjD0jqBUnX1qWd+hE3P1vf2Ugw1u454KdMPSsP5+Cbm0TIaVLgSGahU=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:26:16 GMT
server
AmazonS3-br
x-timer
S1617535085.963603,VS0,VE0
date
Sun, 04 Apr 2021 11:18:04 GMT
vary
Accept-Encoding
x-amz-request-id
QTK970NTT6XPT0PP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
17
x-cache-hits
3684
tr5
cdn.taboola.com/libtrc/ 		3 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=lr_fpp_var1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617535085.963896,VS0,VE0
x-served-by
cache-fra19121-FRA
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
41311112-0-image-a-15_1617527720110.jpg
i.dailymail.co.uk/1s/2021/04/04/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/10/41311112-0-image-a-15_1617527720110.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc5cf9ca31f8b17c54fb201fc64931e2900b53ac1eaec6c5492f2b138c752bc8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2pp0rMyScwz97AKHRT5dZj9HoVmSXMRY
last-modified
Sun, 04 Apr 2021 09:16:57 GMT
server
AmazonS3
x-amz-request-id
47XYEFSC7A18JGR1
etag
"fdcfc79422852e22912b657214c39924"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
10300
x-amz-id-2
2BfZGUxDEs7MNWb8TYZ+Artd57E4DR3noOla2d53qIjSOzBL9kwscZFCVUuubFdvfOY6JBAlRhM=
expires
Tue, 04 May 2021 11:18:04 GMT
41319078-0-image-m-21_1617525471548.jpg
i.dailymail.co.uk/1s/2021/04/04/09/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/09/41319078-0-image-m-21_1617525471548.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dad80ef4163f0f8c51f09f07b016fca151c23bb2cce33ade1cb5b3f158793500

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ykVqO_B356VsBc5PO6AD1rg9kkNU0NMo
last-modified
Sun, 04 Apr 2021 08:39:34 GMT
server
AmazonS3
x-amz-request-id
ERYE6DWKMCTCETHV
etag
"a074f20acdcdbe269c9d0789e34fc907"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
10641
x-amz-id-2
Viixqvkr/TNDbEJ7sjlMM0pG08/hVE4ucdGWZmEpJPC998xuzToRs8m1U+uvB3BBcGV9jIQqSuk=
expires
Tue, 04 May 2021 11:18:04 GMT
41311298-0-image-a-172_1617498425622.jpg
i.dailymail.co.uk/1s/2021/04/04/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/04/02/41311298-0-image-a-172_1617498425622.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4423d5740cc0bb1e055fabdb4a0b7eade7205cf148fcf5a0e752f6cbacb1cf96

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Sz9ASF4VT_loD8ZVs45KAzC9kwvTBsMr
last-modified
Sun, 04 Apr 2021 01:07:06 GMT
server
AmazonS3
x-amz-request-id
30YKC4M80BWPP3HE
etag
"ffe2a43adfae955cf42d26faa37940e5"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
10296
x-amz-id-2
ACx76KzVDOos2f4/XrNjPzBn2Rw+5ZV4rzcenNcdDlV2yRDqX/WS4ejTbLr3ZiyLJYO9Jdt7l4A=
expires
Tue, 04 May 2021 11:18:04 GMT
41296800-0-image-a-176_1617460818919.jpg
i.dailymail.co.uk/1s/2021/04/03/15/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/15/41296800-0-image-a-176_1617460818919.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0381530c32a7581320b297e4a66b87edde1e171a143c9228e4dda38d0b19000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_ETiE8TMhcLqLU3Es6moRSnJodD95Smi
last-modified
Sat, 03 Apr 2021 14:40:20 GMT
server
AmazonS3
x-amz-request-id
TMTNQ37KE8VADJVJ
etag
"e293544152d6a88e99dcb45e28f68507"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6558
x-amz-id-2
3t8ImuewyQo8yED/ZMJ/v63bL6rYD3pzKBYpe3FYNr2NWb4tAQ38E4ESTQHnDzT/zUDe+FnA3l8=
expires
Tue, 04 May 2021 11:18:04 GMT
41303614-0-image-a-88_1617478713447.jpg
i.dailymail.co.uk/1s/2021/04/03/20/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/20/41303614-0-image-a-88_1617478713447.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4763b30256d1f825892cb24018bbe370d429351e5bb0ee3816c142a2d305f393

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1MUs1rn98LV_lbdpTBrHn3bMGf28UD_g
last-modified
Sat, 03 Apr 2021 19:38:34 GMT
server
AmazonS3
x-amz-request-id
5XFRKQJ3X66FD4D7
etag
"96b863c9cc456311a31f64d8a619ae88"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
11278
x-amz-id-2
uPTu7wo31l9M9IV2Z9nWjXWzpwmf9oToe18Jz99/93TSb+nWaJIr2Cj8r4JDSss7xh8HHoYr0LE=
expires
Tue, 04 May 2021 11:18:04 GMT
41305942-0-image-m-76_1617483870330.jpg
i.dailymail.co.uk/1s/2021/04/03/22/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/03/22/41305942-0-image-m-76_1617483870330.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d83a9b51a7992fc2da94da4df19fe35a4f7a78f5e03e3e9e7fa1be8142268a61

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xGhtt.xa9_UgeihaLl3fOJjmolmQ_adZ
last-modified
Sat, 03 Apr 2021 21:04:44 GMT
server
AmazonS3
x-amz-request-id
MD71C14EZA9011SG
etag
"196d8646b844fd4266d5eb59256eaa41"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sun, 04 Apr 2021 11:18:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
10729
x-amz-id-2
66PrxYHrg6i7BnLB2SvZpYqu9pAgNIZXdI5YSjMoq9GDP0cySD2WcIS76GSXIDMmg0vqh6/kS0w=
expires
Tue, 04 May 2021 11:18:04 GMT
0d470400-5b19-11eb-8397-c018637fe897
github-releases.githubusercontent.com/40461390/
Redirect Chain
  • https://github.com/videojs/mux.js/releases/download/v5.9.1/mux.js
  • https://github-releases.githubusercontent.com/40461390/0d470400-5b19-11eb-8397-c018637fe897?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210404%2Fus-east-1%2Fs3%2Faws4...
337 KB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://github-releases.githubusercontent.com/40461390/0d470400-5b19-11eb-8397-c018637fe897?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210404%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210404T111723Z&X-Amz-Expires=300&X-Amz-Signature=8cf17a13b74d4366f29306490c768ba11c27f9529b592f750f6b523ce3ce5100&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=40461390&response-content-disposition=attachment%3B%20filename%3Dmux.js&response-content-type=application%2Foctet-stream
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-154.github.com
Software
AmazonS3 /
Resource Hash
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
e3f8d93f8e96cbec5fc1890886d144fdebdac49f
date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 varnish, 1.1 varnish
age
35
x-cache
HIT, HIT
content-disposition
attachment; filename=mux.js
content-length
344769
x-amz-id-2
yr00Yymlw9SCS4/rhTd/nDsWwvMeqU1QnFBDFtNtQ6A8tC+2GuWtWD0UIS98YyaIRiB2pwH1zAs=
x-served-by
cache-dca17759-DCA, cache-ams21022-AMS
last-modified
Wed, 20 Jan 2021 17:14:33 GMT
server
AmazonS3
etag
"6d13ad5f29e69baba39798f1074bc746"
strict-transport-security
max-age=31536000
x-amz-request-id
RD4PHF5A77WPW0JT
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
2, 2

Redirect headers

date
Sun, 04 Apr 2021 11:17:23 GMT
referrer-policy
no-referrer-when-downgrade
server
GitHub.com
x-github-request-id
4E9A:C2E3:5C14CB:70F9F2:6069A06D
x-frame-options
deny
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With
content-type
text/html; charset=utf-8
location
https://github-releases.githubusercontent.com/40461390/0d470400-5b19-11eb-8397-c018637fe897?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210404%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210404T111723Z&X-Amz-Expires=300&X-Amz-Signature=8cf17a13b74d4366f29306490c768ba11c27f9529b592f750f6b523ce3ce5100&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=40461390&response-content-disposition=attachment%3B%20filename%3Dmux.js&response-content-type=application%2Foctet-stream
cache-control
no-cache
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://alive.github.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-3f088aa2.js gist.github.com/socket-worker-3f088aa2.js
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
612
x-xss-protection
0
shaka-player.compiled.js
ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/ 		325 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31000b06ee62a605901856b6cec757f1695bcbeb232df0f2b22107d811937737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 11:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172807
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105172
x-xss-protection
0
last-modified
Tue, 09 Feb 2021 16:56:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 11:17:58 GMT
gtm.js
www.googletagmanager.com/ 		194 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ab9af57d90d12157852d8b61d7115f2617697fb8f5b0e749fe9b51ef3823add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45399
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Apr 2021 11:18:05 GMT
ns.html
www.googletagmanager.com/ Frame E0ED 		266 B
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.googletagmanager.com
:scheme
https
:path
/ns.html?id=GTM-PL4PD49
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
*
date
Sun, 04 Apr 2021 11:18:05 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
server
Google Tag Manager
content-length
92
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mplayer_controls_plugin.4.1.29.js
www.oo-syringe.com/prod/players/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_controls_plugin.4.1.29.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c1ca89e42ba013b242b5da0e45ca034562ac4c51bebbd7c1216f6bd9242eec3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kmJT0.alEZ2ogQwx0N8zcqFpxKw9tM4Y
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:32:00 GMT
etag
"af479cdc5d3fba91966dfaf184485a89"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31193560
date
Sun, 04 Apr 2021 11:18:05 GMT
accept-ranges
bytes
content-length
31426
mplayer_anchor_plugin.4.1.29.js
www.oo-syringe.com/prod/players/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_anchor_plugin.4.1.29.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb49aa393f91dc66267e42500ea366572b356e56ed9e30481cdf5a056dee14fa

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3SPdBDEufGVY.lgm5XUkLLq1QtjJhl8t
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:32:00 GMT
etag
"92f6e685e252bc339295ee02632c51e5"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31193560
date
Sun, 04 Apr 2021 11:18:05 GMT
accept-ranges
bytes
content-length
10109
mplayer_comscore_plugin.4.1.29.js
www.oo-syringe.com/prod/players/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_comscore_plugin.4.1.29.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
678cdb3292168129e37628ea8ea11505940d8d59ee1b532ec18b0cdd18ba390c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
aa9Eou3Pkk95.AxBNtFHlKKMpZhNI.oN
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:32:00 GMT
etag
"629891358078c261728762e01a8c8c9a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31193560
date
Sun, 04 Apr 2021 11:18:05 GMT
accept-ranges
bytes
content-length
5064
mplayer_close_bar_plugin.4.1.29.js
www.oo-syringe.com/prod/players/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_close_bar_plugin.4.1.29.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ae265cc609c0cd62f3958c4ea97b91fef8d7df10939e161d6511f61a5898f12

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pSk7HxCjYImNptOwiOGf76vexNIy5LRU
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:32:00 GMT
etag
"fa401fe05be25de71ce6406cae634764"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31193555
date
Sun, 04 Apr 2021 11:18:05 GMT
accept-ranges
bytes
content-length
18460
mplayer_read_more_plugin.4.1.29.js
www.oo-syringe.com/prod/players/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_read_more_plugin.4.1.29.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d41b0ca4b10fa76373fbe654dbd440146d3e62f5975a6390033c1e81ba0b5160

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kwdzXAuMtkCHZMMZuaMeEg45xXpx1x.J
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:32:00 GMT
etag
"f2bc1e9491f81a0ba0f616c6160d9f19"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31193560
date
Sun, 04 Apr 2021 11:18:05 GMT
accept-ranges
bytes
content-length
17239
01f1fkp9s9wgh7hk8d.json
vms-videos.minutemediaservices.com/01f1fkp9s9wgh7hk8d/ 		11 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f1fkp9s9wgh7hk8d/01f1fkp9s9wgh7hk8d.json
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c882f02b9ef69ee606f8adb92e7ada8b431ad4b9a69e8dc4d3892e2c9e4f2a4d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Hl1MsQPbjDDgRy2lL4cQwjgCoKTLP1E9
content-encoding
gzip
etag
W/"12bddcded5103107daffcfcdb3fb4e2c"
x-amz-request-id
DC5X6P1GSSMCT40M
akamai-mon-iucid-del
854168
vary
Accept-Encoding
content-length
2815
x-amz-id-2
D2sJjNthOzFHRNuebwK6nhSFzIofNApyvm8uUpvEUrl/Cguf4KdKW7EnHflIAh5n36fzACvfl2M=
last-modified
Sun, 04 Apr 2021 11:13:29 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:05 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
wJqgUpVWJsxHsKqK21DXl9V077cE5JERayav7aEx4qj27ELaNuYvDw==
comScore-JS-6.2.3.180328.min.js
bucket1.mm-syringe.com/lib/ 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket1.mm-syringe.com/lib/comScore-JS-6.2.3.180328.min.js
Requested by
Host: bucket1.mm-syringe.com
URL: https://bucket1.mm-syringe.com/prod/injector/injector.1.5.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UP2tnScyf0IkbIh1GVgoQZiM5AlMQNdo
content-encoding
gzip
last-modified
Sun, 31 Mar 2019 15:57:40 GMT
etag
"18a99636882ae65fbb2e600e276380ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31117354
date
Sun, 04 Apr 2021 11:18:05 GMT
accept-ranges
bytes
content-length
43460
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/appnexusprebidserver/?gdpr=0&euconsent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-5M_C1DZE2pHG4HZWygJTMx8BHEC93OboSPdirlI7sOfAlRD2r.1vRBQ-~A
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-5M_C1DZE2pHG4HZWygJTMx8BHEC93OboSPdirlI7sOfAlRD2r.1vRBQ-~A
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid
cfedeb38-cca9-4a06-8914-934c0ccec211
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Sun, 04 Apr 2021 11:18:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-5M_C1DZE2pHG4HZWygJTMx8BHEC93OboSPdirlI7sOfAlRD2r.1vRBQ-~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
bridge3.448.1_en.html
imasdk.googleapis.com/js/core/ Frame BDF2 		578 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435bfd2298310eb82d20743c88f633bdf70633bfae20c394dd526a79ddefa566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.448.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193558
date
Wed, 31 Mar 2021 20:55:35 GMT
expires
Thu, 31 Mar 2022 20:55:35 GMT
last-modified
Wed, 31 Mar 2021 17:39:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
310950
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 10:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
3248
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:23:57 GMT
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:05 GMT
css2
fonts.googleapis.com/ 		1 KB
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a5eddf1b797d631d5060a9bf443483a1a7e410c0edc607e08634265b81d0266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 09:59:13 GMT
server
ESF
date
Sun, 04 Apr 2021 11:18:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Apr 2021 11:18:05 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=4&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_puff_20%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
MLNtqMlGEhxhKfJHhZXjgoHdb4H3O_OdRUWc9nOzVpSIB2Wfxs99-A==
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		476 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Chalf_mpu_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x150&prev_scp=pos%3Dhalf_mpu_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D2%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535085227&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=974&adys=688&adks=1844031893&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x4440&msz=308x150&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=true&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2eb96017523f81414057cd913910d3cf7280865a78fbfec612f9695a710d2f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cd32f34bb612852e9ea5161e8650c4b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cd32f34bb612852e9ea5161e8650c4b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
btn_ipadapp_5_308x111.png
i.dailymail.co.uk/i/pix//promoboxes/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix//promoboxes/btn_ipadapp_5_308x111.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5e8aeb859e55a6671b89115d84e0fd7e5435ea99b3b49e7ebd3d4c22e41185e8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Thu, 21 Apr 2011 16:49:47 GMT
server
Apache
etag
"8bf2dc1c1ea05fc41fb7410b396a1bb6:1303404587"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
38475
expires
Tue, 04 May 2021 11:18:05 GMT
json
trc.taboola.com/dailymail-row/trc/3/ 		40 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-row/trc/3/json?tim=13%3A18%3A05.328&lti=lr_fpp_var1&data=%7B%22id%22%3A613%2C%22ii%22%3A%22%2Fnews%2Farticle-9433257%2Finside-hq-chinese-cyber-ransom-gang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1617525427200%2C%22vi%22%3A1617535084807%2C%22cv%22%3A%2220210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A4962%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6649%2C%22qs%22%3A%22%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2v%22%2C%22s%22%3A15%2C%22uim%22%3A%22autosized-generated-text-under-1r-row%3Aabp%3D0%22%2C%22uip%22%3A%22desktop-Desktop-Wide%22%2C%22orig_uip%22%3A%22Desktop-Wide%22%2C%22cd%22%3A4148.75%2C%22mw%22%3A632%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%202nd%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%202nd%22%2C%22cd%22%3A4176.75%2C%22mw%22%3A636%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22lr_fpp_var1%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9437cb8c68b4f03aae1133849212324a38f4c3e73e03fc06c3bb84b10abd82ef

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
490
date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
server
nginx
x-timer
S1617535085.343924,VS0,VE490
x-served-by
cache-fra19121-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
fff.js
www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/scripts/ 		119 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/scripts/fff.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
835f1dfc4109c578b77ba1b24a70cf3c07e73440aa65a94c329c29f763423bc5

Request headers

Referer
https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
35222
last-modified
Wed, 10 Mar 2021 16:12:38 GMT
server
Akamai Resource Optimizer
etag
"eea372bce8ac8e188267c4751ef1d05a:1614161270.633734"
vary
User-Agent
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=449701
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 09 Apr 2021 16:13:06 GMT
logo_cookie_reg.png
i.dailymail.co.uk/i/furniture/misc/ 		189 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/misc/logo_cookie_reg.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
2f59ac8dad7d832c75edc7cf917c512a3788d03ce0862b38c1bfccc54eb01d10

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Mon, 06 Nov 2017 11:54:00 GMT
server
Apache
etag
"2c776973168421488cd8ba0f131ef7f4:1509969240"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
189
expires
Tue, 04 May 2021 11:18:05 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=5&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_puff_45%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
VsAdC0qzTjNu5AFQuAfqkCeEN9rOU8QaCUBiXVE9ANlw76O9XC7xbQ==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4020
date
Sun, 04 Apr 2021 10:11:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sun, 04 Apr 2021 12:11:05 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=6&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_middle%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BwQ5F9pviWEvN2a9JDkYwwTkc9N6WIeGr7LKhMS_475uw-KLoC58kg==
dailymail_placeholder.jpg
assets.mm-syringe.com/prod/c4e65ff4-b385-d838-b9da-8cc3d8d9dfdb/sponsorship/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.mm-syringe.com/prod/c4e65ff4-b385-d838-b9da-8cc3d8d9dfdb/sponsorship/dailymail_placeholder.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-34.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60d0db45d9b98937b0fbefa6fd9c8d89f1fbe399e7ce8e27e3b1064adea27431

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 14:28:55 GMT
via
1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
last-modified
Wed, 13 Jan 2021 14:50:03 GMT
server
AmazonS3
age
2926151
etag
"55e2481638b26513443ba6c3b5ce0a31"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=1800
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
60752
x-amz-cf-id
McxSj-q94rN9T0AxVZRYcbZpZJi8PJcuDjuGfn-bvugoOJweNKET3g==
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
server
nginx
content-length
43
content-type
image/gif
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
177268
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-23669758-36&cid=963463219.1617535085&jid=72951708&gjid=1132851170&_gid=982307178.1617535086&_u=YSBAgAABAAAAAE~&z=1435367460
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 04 Apr 2021 11:18:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=785477306&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&dp=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ul=en-us&de=UTF-8&dt=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&ec=MMVideo&ea=vplayer%20video%20player%20embed&_u=YShAAEABAAAAAG~&jid=629494851&gjid=1744959682&cid=963463219.1617535085&tid=UA-23669758-36&_gid=681356554.1617535086&_r=1&gtm=2wg3o0PL4PD49&cg1=MMPlus%20partner&cg2=none&cg3=none&cd1=&cd2=none&cd5=none&cd7=MMPlus%20partner&cd22=none&cd31=&cd33=www.dailymail.co.uk&cd35=636%3A1&cd38=video&cd54=floor8&cd55=MM%2B%20%7C%20DailyMail%20%7C%20dailymail.co.uk%20%7C%20Recirc%20Player%20%7C%20Podding&cd58=none&cd59=10%20sec&cd60=auto%20play&cd62=none&cd91=8&cd92=8&cd93=none&cd94=none&cd95=none&cd97=none&cd98=none&cd99=none&cd24=no&cd25=no&cd26=4.1.29&cd27=news&cd39=monti&cd40=vplayer&cd41=f33b56a5-f20d-4400-86d2-256ebf353fbf&cd42=none&cd43=none&cd44=yes&cd45=none&cd46=without%20miniplayer&cd47=0%20-%209&cd48=no&cd49=none&cd50=01f1fkp9s9wgh7hk8d&cd51=yes&cd52=none&cd53=0&cd102=time%20in%20process%3D0%20milliseconds&cd104=&z=1450414270
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=785477306&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ul=en-us&de=UTF-8&dt=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&_u=YSBAgAAB~&jid=72951708&gjid=1132851170&cid=963463219.1617535085&tid=UA-23669758-36&_gid=982307178.1617535086&gtm=2wg3o0PL4PD49&cg1=MMPlus%20partner&cg2=none&cg3=none&cd1=&cd2=none&cd3=none&cd4=none&cd5=none&cd6=none&cd7=MMPlus%20partner&cd8=none&cd9=none&cd10=none&cd11=none&cd12=none&cd13=none&cd14=none&cd15=none&cd16=none&cd17=none&cd18=none&cd19=none&cd20=none&cd21=none&cd22=none&cd30=none&cd31=&cd33=www.dailymail.co.uk&cd35=636%3A1&cd38=video&cd54=floor8&cd55=MM%2B%20%7C%20DailyMail%20%7C%20dailymail.co.uk%20%7C%20Recirc%20Player%20%7C%20Podding&cd58=none&cd59=10%20sec&cd60=auto%20play&cd62=none&cd83=no&cd91=3&cd92=3&cd93=none&cd94=none&cd95=none&cd97=none&cd98=none&cd99=none&z=671261955
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 21:46:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48710
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=7&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22sky-left%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wTLRD2QEf-MyWLtgcmEf5GMPRh0KWkWVHdvWIuzIVGIVz5nS0udPBg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=8&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22sky-right%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BNIEEKTzvzqoc7HnN1b8-J35EYSTDfjI0xJkhVrDNq2jrIWXRBmN4g==
preload-inline.gif
i.dailymail.co.uk/i/furniture/fff/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/fff/preload-inline.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Tue, 02 Jul 2013 10:22:29 GMT
server
Apache
etag
"a51c5608d01acf32df728f299767f82b:1372760549"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3208
expires
Tue, 04 May 2021 11:18:05 GMT
setABframe.html
www.newzit.com/ Frame 15E4 		209 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/setABframe.html
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.15.2/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bb6f1866740bfb050c053eec18013d6490f192087ab170c9d40354990107f893

Request headers

:method
GET
:authority
www.newzit.com
:scheme
https
:path
/setABframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"8a3a99ebe4e24cbc797af3de2213ca62:1616493761.368803"
last-modified
Tue, 23 Mar 2021 10:02:41 GMT
server
AkamaiNetStorage
content-encoding
gzip
content-length
171
cache-control
max-age=1583
expires
Sun, 04 Apr 2021 11:44:28 GMT
date
Sun, 04 Apr 2021 11:18:05 GMT
vary
Accept-Encoding
set-cookie
X-GEO=DE; path=/; secure AKA_A2=A; expires=Sun, 04-Apr-2021 12:18:05 GMT; path=/; domain=newzit.com; secure; HttpOnly
icon_camera_90x68.png
i.dailymail.co.uk/i/furniture/mobile/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/mobile/icon_camera_90x68.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
be5c85bf40c3790d8bb01cbf334c014a920ad644d8ea3b61a3b8ed755b73a114

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Tue, 28 Feb 2017 12:53:16 GMT
server
Apache
etag
"8d29fb626b73132ae1d4b6540c126c58:1488286396"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
876
expires
Tue, 04 May 2021 11:18:05 GMT
currencyExchangeRate
fff.dailymail.co.uk/ 		19 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/currencyExchangeRate
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/scripts/fff.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b0::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f4be37ae6f3da730d311ea6ff931acc51d1ae189ec3c2d28869cb00e536605cd

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:05 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=59730
Connection
keep-alive
Content-Length
19
X-rs-ops
fff2-fe:8180
1.0.1
fff.dailymail.co.uk/templates/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/templates/1.0.1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/scripts/fff.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b0::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b8474a0f9c6b3c69e02409f7eeb8faa908b8b18e64fdf7cc88a9129585fc7c3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:05 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=345625
Connection
keep-alive
Content-Length
1941
X-rs-ops
fff1-fe:8180
truncated
/ 		174 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52efd6959ae8fb441d9b7bce3624bcbda0b601316751028b16b31484124019c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		685 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fce704a574001e626087c28db6ba29c8c6bce20f156a7fc3a321b505326be3b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
chromeless_closer.png
i.dailymail.co.uk/video/ 		372 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/video/chromeless_closer.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9dff2251abbde2c57b87b8e340e8cc695637fa72f8ff311c61c37b97ec5810c1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Mon, 01 Jul 2019 16:55:07 GMT
server
AkamaiNetStorage
etag
"8de2a98adb80767b95658b4b19f1342c:1562000107"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
372
expires
Tue, 04 May 2021 11:18:05 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=dados
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=6d8eb479-9537-11eb-b382-1669d4c93106
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=6d8eb479-9537-11eb-b382-1669d4c93106
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sun, 04 Apr 2021 11:18:06 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
88
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 04 Apr 2021 11:18:05 GMT
Server
nginx
Location
/partner?source=dados&__user_check__=1&sync_id=6d8eb479-9537-11eb-b382-1669d4c93106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
127
Connection
keep-alive
Content-Length
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		162 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
c1e23dd192a000253259a7fe825cd040f704875bf370e24ed6137d19e3221bf6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
162
Expires
0
auction
tlx.3lift.com/header/ 		19 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tmax=4500
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.225.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-225-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:05 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.144:80
AN-X-Request-Uuid
b139d06d-7fe0-4b10-8191-dd42e5b6ed92
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
mailonline-uk-d.openx.net/v/1.0/ 		106 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a5cd62d0-5f6f-4947-b74a-2199e454ae2e&nocache=1617535085862&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&auid=540675388&vwd=401&vht=225
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9d801fe6909c761e32320afe5cca8251ee6a166c6d3d330d2c4f4e02aeb233c3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=293354&v=8.1&r=%7B%22id%22%3A%222136652dc598d7bd%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22214cfd6299391086%22%2C%22ext%22%3A%7B%22siteID%22%3A%22293354%22%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22w%22%3A401%2C%22h%22%3A225%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbe3a1b12f574786820599243f36ffdee8541558521de71f47a54f6f66f438bc

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:05 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=9&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
GsXCAp-I5k93vZ41yoJNrFvEp3KJ8x0KTf7FO_v1P3_cdQ3VYvaWxA==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C81D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7df87b3daca4afd3121f1e591f406b2e3394d6e33e033789b09df48a6f1f09a4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA; CMPS=1132
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|40|152|176|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1693
Expires
Sun, 04 Apr 2021 11:18:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:06 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:06 GMT CMPRO=1177;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:06 GMT CMRUM3=b06069a06e05a00&036069a06e05a0&2d6069a06e05a0&e66069a06e27600&286069a06e05a00&f16069a06e05a00&986069a06e05a00&276069a06e0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:06 GMT CMST=YGmgbmBpoG4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 05 Apr 2021 11:18:06 GMT

Redirect headers

Server
Apache
Content-Length
338
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 04 Apr 2021 11:18:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
Connection
keep-alive
Set-Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:06 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:06 GMT
check
pixel.tapad.com/idsync/ex/push/
Redirect Chain
  • https://id5-sync.com/i/167/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/167/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOW72iA1F8gllaN56hgWIU1sXU5PRwn2Hne08G3A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOW72iA1F8gllaN56hgWIU1sXU5PRwn2Hne08G3A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/167/124/8/2.gif?puid=cb7cf3db-f42c-4793-8bc8-48ba0a04ae42&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAzx7MfgHUQAzJvgnw-VjiI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEAzx7MfgHUQAzJvgnw-Vj...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4067890039530243391&opid=apx&ops=&utidl=tech:goo:CAESEAzx7MfgHUQAzJvgnw-VjiI&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16697211058&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/167/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/167/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/167/19/6/4.gif?puid=37ad8958bc10ad964c3c5304a5b19e53&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/167/101/5/5.gif?puid=ce84d944-e3a6-4061-9dcf-009e32aab258&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
0
0
top-videos.jpg
creative.dailymail.co.uk/videos/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative.dailymail.co.uk/videos/top-videos.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6924aeec6e6de01dfd439327c170d8adc2f9dd8415e9903e3b24f2c3b6506389

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Wed, 01 May 2019 13:28:47 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"41c301b2aac4a100430b42c8cf52583e:1556717327"
content-length
113532
content-type
image/jpeg
black-preload.gif
i.dailymail.co.uk/i/furniture/fff/hub/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/fff/hub/black-preload.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
last-modified
Tue, 19 Nov 2013 14:19:15 GMT
server
Apache
etag
"37e24e0370847870c1c43ea9ce19b1f4:1384870755"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3208
expires
Tue, 04 May 2021 11:18:05 GMT
script.js
uk-script.dotmetrics.net/Scripts/ 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/Scripts/script.js?v=177
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.dailymail.co.uk&t=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
Kestrel /
Resource Hash
4041a3a57fc3b0262e107e54645fde937813c7111fa338a3d582274b8818e202

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:05 GMT
content-encoding
br
last-modified
Thu, 01 Apr 2021 12:07:57 GMT
server
Kestrel
x-amz-cf-pop
DUS51-C1
etag
"1d726efa6e97d66"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
voI7IwMy4WHBzMdOF-E_UaZzJFvfGPBY--iRuzP344zjQN8f0_aG7Q==
boot
klkstrm.kargo.com/event/ 		0
0
Kargo-Data.js
storage.cloud.kargo.com/ad/network/tag/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/tag/Kargo-Data.js
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
caefdcc9ae00a197310c0e74d02cc5011a10cf2f7494a3c6e28cd68dc7c37540

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bfm3L0jDnsh9fppcQIyedbHwx7vy5nUS
content-encoding
gzip
etag
"fce2bfe5d7f2f5df4ae350001ca777a8"
x-amz-request-id
6182CC903F8653F1
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
2363
x-amz-id-2
gifDXkpihBghdLsMT1iWi0abx1sOLRo1EDA3DgsTExxGo9PXitObbaOp+Sm3mDMq9yI+e/5pMMc=
last-modified
Thu, 20 Jun 2019 20:12:08 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:05 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
products
fff.dailymail.co.uk/ 		2 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/products?articleId=9433257&geo=gb
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.5.1/scripts/fff.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2b0::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
X-rs-ops
fff2-fe:8180
Date
Sun, 04 Apr 2021 11:18:06 GMT
Connection
keep-alive
Content-Length
2
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
78aES2K9e_BQ1VejaFN0QXuuayHCrT6B
content-encoding
gzip
etag
"1da06556d096c84420c24cf4a174b8a5"
age
5630
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4389
x-amz-id-2
A6oFNJBTuAIg0W4OW+iYyDmCfnDWBJCiyuPOXsgsx0oD8GygdRI1oQQQr2Ef9a18FqtOUyoZadE=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 31 Mar 2021 09:42:57 GMT
server
AmazonS3
x-timer
S1617535086.946979,VS0,VE0
date
Sun, 04 Apr 2021 11:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
341Z0AMRAM6ZJZ2G
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
17
x-cache-hits
43198
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FyU75WazRsiEew8mV1P.ejYIF3IEfCEj
content-encoding
gzip
etag
"fa3c5d1be5ff23d2bbc39878e37cc0ec"
age
21748
x-cache
HIT
x-amz-replication-status
PENDING
content-length
749
x-amz-id-2
1I/L+AiRXIfkyPP3JvgAzpIOn2hbxJyWkgGqk2v091V9V0QDWMmo3vnbV9T/UJGaDerlVZftXN4=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 17 Mar 2021 13:13:46 GMT
server
AmazonS3
x-timer
S1617535086.946954,VS0,VE0
date
Sun, 04 Apr 2021 11:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
S947MPC9C9C9NDWK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
17
x-cache-hits
240755
tfa-eid.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6900c79dc613cdfa5479f19fbc6888af11561bee2286c04b4af9de762a8705f2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
d__hCb5NW0XieEGIS2fRsEYBSq3xxv2d
content-encoding
gzip
etag
"6d7fc9005c04f1df096ea2d3dbbfbe2e"
age
111
x-cache
HIT
x-amz-replication-status
FAILED
content-length
4917
x-amz-id-2
MVlOag8nP+tQXFErQyvLJjUffXSIQV+y8Say1syXptM3+Ad0sy0egeODaF/JVeVfykDTkrgtptg=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:26:55 GMT
server
AmazonS3
x-timer
S1617535086.949397,VS0,VE0
date
Sun, 04 Apr 2021 11:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
2SZQSQM8EZ2JJDMH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
6
tb
15.taboola.com/ 		31 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=dailymail-row&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%202nd&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&encoded=1&uid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&variant=-100|421&callback=TRC.videoTagCallbacks.videoCallback1&cb=1617535085974&tagid=&cntry=BE&platform=1&sesid=b69e9844b1c02204d9681b9d381a421b&itemid=/news/article-9433257/inside-hq-chinese-cyber-ransom-gang.html&viewid=1617535084807&geolat=&geoing=&deviceifa=&appid=&sd=v2_b69e9844b1c02204d9681b9d381a421b_cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed_1617535085_1617535085_CNawjgYQ-4w9GIfS6uSJLyABKAEwFjjqxgdA4IYQSOzr2QNQ____________AVgAYABosa_ptcr9986tAQ&ri=8ef34a2b99db14b4428564872244a622&appname=&cdb=&gdprApplies=true&rid=&sii=9222800964376865031&oee=true&tpubid=1001083&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VAN&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1001079&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0683c596082cc534e1053cc24ac2a420e0a0748f9f21ad59a97a0e5869df2a2f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1415
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19121-FRA
pragma
no-cache
server
nginx
x-timer
S1617535086.989861,VS0,VE18
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50434859133c202645fe2e1a75e65ecada69675501f31e4599c89a586727aeb1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mBTZPoIhNoad1a2Fi62wKHiNF4nrEYv1
content-encoding
gzip
etag
"e277fb0b7611ca6cd0d7793221aa9070"
age
71
x-cache
HIT
x-amz-replication-status
FAILED
content-length
7918
x-amz-id-2
oONMQl7rdhFpaLvIXmu7qV17n3rRT67t0vSaqmIYTiB0oFPL9EWEN+8vrxc+m2Nyy5Y+RDe1vHg=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:27:00 GMT
server
AmazonS3
x-timer
S1617535086.990257,VS0,VE0
date
Sun, 04 Apr 2021 11:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
7AQJ3718MVG1G1DB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
3
tb
15.taboola.com/ 		36 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=dailymail-row&unitType=244&tbloc=&pageType=text&pstn=Desktop-Wide&uuip=Feed%20-%20desktop-Desktop-Wide&cisrf=&cirf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&encoded=1&uid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&variant=-100|421&callback=TRC.videoTagCallbacks.videoCallback2&cb=1617535085977&tagid=&cntry=BE&platform=1&sesid=b69e9844b1c02204d9681b9d381a421b&itemid=/news/article-9433257/inside-hq-chinese-cyber-ransom-gang.html&viewid=1617535084807&geolat=&geoing=&deviceifa=&appid=&sd=v2_b69e9844b1c02204d9681b9d381a421b_cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed_1617535085_1617535085_CNawjgYQ-4w9GIfS6uSJLyABKAEwFjjqxgdA4IYQSOzr2QNQ____________AVgAYABosa_ptcr9986tAQ&ri=64cc3a441031069b29144f95ec0bb30e&appname=&cdb=&gdprApplies=true&rid=&sii=9222800964376865031&oee=true&tpubid=1001083&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VAN&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1001079&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a65ec0cc625d44cf34b38c99fa3bc2b4cac27f68effb591912ff60b568621eb5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1450
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19121-FRA
pragma
no-cache
server
nginx
x-timer
S1617535086.992514,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96e9e83d53a7540b47e12c86c17e09914dd34a0c64f8d654f80c8a07fc03b802

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GxH2pDTUP2RUTtqtb0v61fYg7svUn_86
content-encoding
gzip
etag
"92cde8402175096ac65eadfcc4e5ce7b"
age
56
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1323
x-amz-id-2
HCyaNK7gbE8t61RE4qpzA16dRW8qqfwd1x64UO4eqR7Ndvv1gkHbDju8Y1wGgDJAyH4/wCqUKB0=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:26:27 GMT
server
AmazonS3
x-timer
S1617535086.997789,VS0,VE0
date
Sun, 04 Apr 2021 11:18:05 GMT
vary
Accept-Encoding
x-amz-request-id
2SZYDKJ6TPMQE0XW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
4
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
80
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
HsOVFRBc7yqvnDGTetpmWuIIIj1XMWyZlX/wvUSIsYqmXoAAgDFy3Uis6/LxAcd1WtZ9Mlo/358=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1617535086.007796,VS0,VE0
date
Sun, 04 Apr 2021 11:18:06 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
QYSGS653SYGET5WK
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
17
x-cache-hits
146
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
etag
"11d8569a7da0739259e3ac0b0d666e94"
age
23
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
OFNcz2KBDpvIDYlCA+bhybNrfMIVAhj1/vm6fmorn9umCpfmTmYJTCGQ2jXa/zimQLW+v7JHG5w=
x-served-by
cache-fra19121-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1617535086.016601,VS0,VE0
date
Sun, 04 Apr 2021 11:18:06 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
5ZAEMEF1ZY7SS0KD
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
17
x-cache-hits
26
abtests
trc.taboola.com/dailymail-row/log/3/ 		0
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/dailymail-row/log/3/abtests?route=AM:IL:V&lti=lr_fpp_var1&ri=8ef34a2b99db14b4428564872244a622&sd=v2_b69e9844b1c02204d9681b9d381a421b_cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed_1617535085_1617535085_CNawjgYQ-4w9GIfS6uSJLyABKAEwFjjqxgdA4IYQSOzr2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&pi=/news/article-9433257/inside-hq-chinese-cyber-ransom-gang.html&wi=9222800964376865031&pt=text&vi=1617535084807&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22DEDUP_DEBUG%22%2C%22type%22%3A%22true%22%2C%22eventTime%22%3A1617535085983%7D&tim=13%3A18%3A05.984&id=7523&llvl=1&cv=20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT&
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535086.116395,VS0,VE67
x-served-by
cache-fra19121-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
trc-events.taboola.com/dailymail-row/log/2/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/dailymail-row/log/2/debug?tim=13%3A18%3A05.984&type=warn&msg=Duplicated%20items%20monitoring%20enabled&id=275&cv=20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT&lt=lr_fpp_var1&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-article-thumbnails%22%5D&vi=1617535084807
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
server
nginx
x-fastly-to-nlb-rtt
5782
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.0.175:10213
24015022-35ce-4454-8c00-dfee1989ffa1.png
cdn.taboola.com/static/24/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/24/24015022-35ce-4454-8c00-dfee1989ffa1.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53eeac6afb74c6a3b1aca65c7ec44883268d44023b4565eccdd8ee5a68db4e63

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UbzmkdKVxR2hexvCtEoBTeEkUjPghW4t
via
1.1 varnish
etag
"ebe314a8ee4abde6826bbe25039672bb"
age
26409
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1644
x-amz-id-2
8//zgeGh8nMKs9bihCeyhdKYrii//uvihYZgJzbQKl5yZn6nugG97Lhc/MN2f2Z0tapbvB35RUE=
x-served-by
cache-fra19121-FRA
last-modified
Sun, 18 Mar 2018 11:55:49 GMT
server
AmazonS3
x-timer
S1617535086.116376,VS0,VE0
date
Sun, 04 Apr 2021 11:18:06 GMT
x-amz-request-id
9N171RERZCPA53AJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
17
x-cache-hits
121
debug
trc-events.taboola.com/dailymail-row/log/2/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/dailymail-row/log/2/debug?tim=13%3A18%3A06.054&type=info&msg=Load%20publisher%20card%3A%20most%20watched%20videos%20on%20Card%3A%209%20with%20the%20anchor%20element%20selector%3A%20%23most-watched-videos-lazy-container%20succeed&id=6881&cv=20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT&lt=lr_fpp_var1&idx=pc&pc=most%20watched%20videos&st=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
server
nginx
x-fastly-to-nlb-rtt
5782
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.22.84:10213
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2000x1200%7C970x250%7C900x250%7C728x90&prev_scp=pos%3Dbillboard%26amznbid%3D2%26amznp%3D2%26adx_channel%3D1%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086151&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=-278&adks=1253008134&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=964x250&msz=967x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=967&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d89a9056ea67711682d897534afd030e4cfde4f55548dd5f80fcecaa6d53dad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12766
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		470 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&prev_scp=pos%3Dbillboard%26adx_channel%3D1%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086154&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2310358249&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=964x250&msz=1x1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=132&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
329d274904467d456241a8804b9f7dac884d1a6585db385e1d94b657b24eaf65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_middle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dmpu_middle%26amznbid%3D2%26amznp%3D2%26adx_channel%3D9%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086157&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=26246&adks=640657991&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x623&msz=308x623&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2b050949cc97e2bcf1180a8e4afb0b29eae683e49b7233e31863d5edda16df5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
google-lineitem-id
5378736227
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138312189788
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_20&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dmpu_puff_20%26amznbid%3D2%26amznp%3D2%26adx_channel%3D13%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086159&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=4064&adks=232841382&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x627&msz=308x627&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3f7a27ba2b73057a2b547ee08a40431a241d0438de742e5f525c909ec097ac60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16479
x-xss-protection
0
google-lineitem-id
5290996269
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138335352405
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_puff_45&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dmpu_puff_45%26amznbid%3D2%26amznp%3D2%26adx_channel%3D20%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086162&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=7851&adks=3096761195&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x627&msz=308x627&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
20db5d28bdc3307dd5ecdd10d2b4ec5f784b06b4c8a19104ff505d1176c80e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10641
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dmpu_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D15%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086164&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=533&adks=4003873380&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x623&msz=308x623&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
14c06cb1aa5319f9fcd028cbd042f4f375fae511f8f584a6cbb959c99f0e6f9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10582
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cinread_player_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=480x270%7C636x1%7C480x1&prev_scp=pos%3Dinread_player_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D11%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086167&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=396&adys=961&adks=553692443&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=636x3532&msz=636x270&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b23739f36f89d58df38651cc70c506a592e9853410ad8b5c3f98f10ab59c9dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7541
x-xss-protection
0
google-lineitem-id
5558685339
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138333522455
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_left_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&prev_scp=pos%3Dsky_left_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D10%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086169&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=3&adys=20&adks=2607279429&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x620&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
98800a09adb4ff6bcd87036a239509d390a12c58e5f2581409c328c52c4f29fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10665
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Csky_right_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&prev_scp=pos%3Dsky_right_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D17%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535086171&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=1297&adys=20&adks=552738603&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x620&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bddc6568346aaf34e5fd9fd8c90a9cf1034e51c4c87e702e725d57beadda0a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10631
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD&d=www.dailymail.co.uk&t=5391784&v=1.720.0&sl=0&si=8e08fd1d-0211-4e65-90da-67814bfb5d5f-qr1e23&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=145913
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0a9cf5469d2f5bb2df25f03326c396cfff7973769d710b13136895de7646213e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1354
verification-client-v1.js
z.moatads.com/omidverificationclient/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/omidverificationclient/verification-client-v1.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/mailonlineminutemedia634421037781/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
151b95232ed826cb2a868f20fd4d001853e6a3de976ceeb0b5eef976626271b3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
last-modified
Wed, 13 Jan 2021 17:50:08 GMT
server
AmazonS3
x-amz-request-id
50F2922B1A030767
etag
"7146615b2f0cead50c2c618057474f07"
content-type
application/javascript
accept-ranges
bytes
content-length
31471
x-amz-id-2
9cT+DiyBMOoCgLjA+jnFMTZ2+KN5GLZ84PDPYhJD4+hl9Vc8GLUrC5YJPbf6WSRGnPiVy5wqHMY=
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MAILONLINE_MINUTEMEDIA_DISPLAY1&hp=1&wf=1&pxm=&vb=21&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1617535086190&de=687129217303&m=0&ar=e4967b0-clean&iw=ce6be00&q=2&cb=0&ym=0&cu=1617535086190&ll=2&lm=0&ln=0&em=0&en=0&d=MINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&id=1&ii=4&bo=undefined&bd=undefined&zMoatDomain=dailymail.co.uk&zMoatSubdomain=dailymail.co.uk&gw=mailonlineminutemedia634421037781&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1320%3A1320%3A0%3A2660&fs=189983&na=1615358188&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 04 Apr 2021 11:18:06 GMT
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.3.7/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fe452b6d12b9a0f6d2c06daa3f67ae0faeb8d4710e7c31880fb73f7d616a81d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront), 1.1 varnish
age
94508
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
27588
x-served-by
cache-fra19121-FRA
last-modified
Sat, 03 Apr 2021 09:02:14 GMT
server
AmazonS3
x-timer
S1617535086.331289,VS0,VE0
etag
"139c4c3eacd4f66ca326e0b101650830"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
AwruxR4qck6NWYjH7UJGGZIbL-5wNhkwTRH2hJTvc08ODow58Waw7g==
x-cache-hits
4848
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.3.7/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.3.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
888185188172a2632abc86263fca635537cbfff3aaa312a5055d825747b814d2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront), 1.1 varnish
age
94544
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
27935
x-served-by
cache-fra19121-FRA
last-modified
Sat, 03 Apr 2021 09:02:14 GMT
server
AmazonS3
x-timer
S1617535086.339651,VS0,VE0
etag
"358bc6909026ba4d8383a291422646d2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
M1R83zQZYaJd1ug9C6yzQdDMN7ezEwUWMA2fM2hIQHkviSOy54FTJw==
x-cache-hits
8831
59c117bc88bbdeb72aa0f547e69e41ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59c117bc88bbdeb72aa0f547e69e41ec.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
48b306819283c71992ab669150574eb8f7aa3f617f551cdddb8731b76d83cc5a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1658843
edge-cache-tag
558432203953614086582314649392400351277,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59c117bc88bbdeb72aa0f547e69e41ec.jpg
content-length
15720
x-request-id
df659d0e2dcb7e23c7604955777bb3b6
x-served-by
cache-wdc5563-WDC, cache-dca17745-DCA, cache-fra19121-FRA
last-modified
Fri, 19 Feb 2021 06:10:43 GMT
server
cloudinary
x-timer
S1617535086.361510,VS0,VE3
etag
"4077177ec5e97042ca24f86e92a1adf9"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
b9692ed4d5f9827ccbdd7916fe042fef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b9692ed4d5f9827ccbdd7916fe042fef.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
dbdaacfb398d13048d6f5c735fedb83bf34429cff245fb5e6cbe4da01b565cd2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3239171
edge-cache-tag
521262480076156876354635189917072418657,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 12 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b9692ed4d5f9827ccbdd7916fe042fef.jpg
content-length
13378
x-served-by
cache-dca17758-DCA, cache-dca17763-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17763_DCA
last-modified
Tue, 09 Feb 2021 15:04:15 GMT
server
cloudinary
x-timer
S1617535086.361503,VS0,VE1
etag
"de5c0f036bc4cc4c4d2809523bae3c05"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
64675e0001d2c8f67653bcd73df5f659.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64675e0001d2c8f67653bcd73df5f659.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
29d4edb1aa04c485c8842d46c1a75b4f27edf7fb88a9ba8e229cb3285a610a12

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2904135
edge-cache-tag
326282873514171934569766880227476780431,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 17 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64675e0001d2c8f67653bcd73df5f659.jpg
content-length
13753
x-served-by
cache-dca17747-DCA, cache-dca17752-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17752_DCA
last-modified
Sun, 14 Feb 2021 11:50:45 GMT
server
cloudinary
x-timer
S1617535086.361664,VS0,VE1
etag
"cce1a3db6f0b77b17d261321bcd4a2dd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
59c117bc88bbdeb72aa0f547e69e41ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59c117bc88bbdeb72aa0f547e69e41ec.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2529329a0e5bf1d4c5ffd283b873ca443899a23711a2bf54a859da03dcdedb5a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
688954
edge-cache-tag
558432203953614086582314649392400351277,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 16 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59c117bc88bbdeb72aa0f547e69e41ec.jpg
content-length
41170
x-served-by
cache-dca17766-DCA, cache-dca17760-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17760_DCA
last-modified
Tue, 16 Mar 2021 03:47:28 GMT
server
cloudinary
x-timer
S1617535086.362298,VS0,VE2
etag
"79e0b856545cbdec22e12b783aa124bb"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
41320356-0-image-a-54_1617528916026.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/10/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/10/41320356-0-image-a-54_1617528916026.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5e94a27b4db7728e8672d91ac7d8e64f9374a8a13c0eab19721f6d155884af1d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
4899
edge-cache-tag
339998781383799029094348002503396020412,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/10/41320356-0-image-a-54_1617528916026.jpg
content-length
60340
x-request-id
0854e44e97b1dc99da80899ebf1d8f86
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 09:47:26 GMT
server
cloudinary
x-timer
S1617535086.362295,VS0,VE0
etag
"83735787e27d293f2e715fc243ad2f9d"
x-served-by
cache-dca17726-DCA, cache-dca12922-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 3
90975fa57c45cab88c9c01ef924d2af6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/90975fa57c45cab88c9c01ef924d2af6.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bafeb15ddf054e44b9c1d9e25a258cb2bdfacf6169d00d885de7b188d0a02a7b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2086614
edge-cache-tag
449873822713158744535132815291968659904,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 26 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/90975fa57c45cab88c9c01ef924d2af6.jpg
content-length
64193
x-served-by
cache-dca17735-DCA, cache-dca17724-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17724_DCA
last-modified
Tue, 23 Feb 2021 09:04:02 GMT
server
cloudinary
x-timer
S1617535086.362837,VS0,VE2
etag
"e807a84ad5859891978cf271cb390948"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
291bef6942993f958ad37006822185ea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/291bef6942993f958ad37006822185ea.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2f1939e0b4365904c263ac785c9caefbe9d989d803f88463c0b33bf43654352a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3306836
edge-cache-tag
591613440650560367167537585801461898538,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 26 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/291bef6942993f958ad37006822185ea.jpg
content-length
6766
x-served-by
cache-dca17731-DCA, cache-dca17769-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17769_DCA
last-modified
Tue, 26 Jan 2021 03:09:37 GMT
server
cloudinary
x-timer
S1617535086.391821,VS0,VE0
etag
"c6fdd167a651a701b4c417855023b9ec"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
edec516a2d687564cef769c34170b1db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edec516a2d687564cef769c34170b1db.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
59b767baff012560cf16461d4a82a10342a673faf233989b773507becf4f4387

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2624884
edge-cache-tag
293386427038188382074246702771903125087,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 28 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edec516a2d687564cef769c34170b1db.jpg
content-length
11093
x-served-by
cache-dca17725-DCA, cache-dca17766-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17766_DCA
last-modified
Thu, 25 Feb 2021 10:15:16 GMT
server
cloudinary
x-timer
S1617535086.396256,VS0,VE1
etag
"401f67edacd90321b2dab429ca9a2f05"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
b9692ed4d5f9827ccbdd7916fe042fef.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b9692ed4d5f9827ccbdd7916fe042fef.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
75b42dbecde190e8796cc0e49f97119d019da0259de6dc0fed7965d2ad25ca18

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
845364
edge-cache-tag
521262480076156876354635189917072418657,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 09 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b9692ed4d5f9827ccbdd7916fe042fef.jpg
content-length
28689
x-served-by
cache-dca17767-DCA, cache-dca17751-DCA, cache-fra19121-FRA
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17751_DCA
last-modified
Tue, 09 Mar 2021 14:58:36 GMT
server
cloudinary
x-timer
S1617535086.396237,VS0,VE1
etag
"1ae758700f2263de9474a49f7eca5a73"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
41319790-0-image-a-15_1617527201108.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/10/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/10/41319790-0-image-a-15_1617527201108.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
eec228a1ab696042352ac5b80b5d3af26ffee7a026a202afbe3b67100234fd3b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
6425
edge-cache-tag
593052188498919410577103983495398603649,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/10/41319790-0-image-a-15_1617527201108.jpg
content-length
42411
x-request-id
a374be841dbfd64e2b7f79af6c9a3f60
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 09:18:43 GMT
server
cloudinary
x-timer
S1617535086.398190,VS0,VE1
etag
"30e2ce8cc018319cf3c0dd4034c8c603"
x-served-by
cache-dca17735-DCA, cache-dca17739-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
64675e0001d2c8f67653bcd73df5f659.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64675e0001d2c8f67653bcd73df5f659.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2c3cf8ed53e22fad784b7e01f9977e15c4d209c985db918ed120f4542c755b01

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1702809
edge-cache-tag
326282873514171934569766880227476780431,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 09 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64675e0001d2c8f67653bcd73df5f659.jpg
content-length
36711
x-served-by
cache-dca17748-DCA, cache-dca17773-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17773_DCA
last-modified
Tue, 09 Mar 2021 13:57:22 GMT
server
cloudinary
x-timer
S1617535086.402069,VS0,VE1
etag
"45a618a211dcac184c99553a64b88265"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
41319464-0-image-a-99_1617526530271.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41319464-0-image-a-99_1617526530271.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7504050754ac1fd593813283aac0e61e8eb4de078ff0fea76d49b1a64898d954

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
7676
edge-cache-tag
345694669256126256106472715720612245476,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41319464-0-image-a-99_1617526530271.jpg
content-length
70602
x-request-id
8fb884e5b89b37e62ff8678e3752d284
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 09:08:17 GMT
server
cloudinary
x-timer
S1617535086.402318,VS0,VE1
etag
"737ce87a1e0aad3f5ad9c86cc0f4c5a5"
x-served-by
cache-dca17771-DCA, cache-dca17746-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
fcde77bc9c592a1a24d3d6c3be6a15eb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcde77bc9c592a1a24d3d6c3be6a15eb.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9ff1ec6a5c6cd2b6f8b9c7c384065d1c90be31f744aabe4a0ac4650352a63aa1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1206785
edge-cache-tag
512930412624267429975295616115638551526,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 08 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fcde77bc9c592a1a24d3d6c3be6a15eb.jpg
content-length
37428
x-served-by
cache-dca17768-DCA, cache-dca17750-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17750_DCA
last-modified
Mon, 08 Mar 2021 11:36:49 GMT
server
cloudinary
x-timer
S1617535086.422147,VS0,VE1
etag
"fdb632723060effb48d6516ad5ca12bc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
41318320-0-image-a-2_1617523747395.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41318320-0-image-a-2_1617523747395.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9940d9992b9a24e644833706c56a5e19185d9fa302c334bfdd0199daa174f0e6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
8328
edge-cache-tag
361831921477722879669772940944140333671,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41318320-0-image-a-2_1617523747395.jpg
content-length
92412
x-request-id
216a32f337d274c55306cbaa8d4d6497
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 08:57:36 GMT
server
cloudinary
x-timer
S1617535086.441969,VS0,VE0
etag
"a6e99bcbb54b9390fd5220dee66d34bc"
x-served-by
cache-dca17774-DCA, cache-dca17733-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
41320928-0-image-a-14_1617531138218.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/11/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/11/41320928-0-image-a-14_1617531138218.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2f8dac6610f3f5722e1dd80b467ddc23575d6b4928975ae9957281b22d816c85

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2133
edge-cache-tag
358150706438110437688242780071046047774,586447576921672440320975332630694222884,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/11/41320928-0-image-a-14_1617531138218.jpg
content-length
44257
x-request-id
66b7e3873abf56253b455db198a17aee
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 10:18:17 GMT
server
cloudinary
x-timer
S1617535086.442103,VS0,VE0
etag
"10654720cc0db1fa5ce7fbd479b5a245"
x-served-by
cache-dca17766-DCA, cache-dca17767-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
41319152-0-image-a-7_1617525792809.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41319152-0-image-a-7_1617525792809.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1e2512ffab2a6f12181cbb3434c114a16ccc6ab3b4863035bc9a540d35450ef2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
8819
edge-cache-tag
297295507954124015991105287185749404357,586447576921672440320975332630694222884,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41319152-0-image-a-7_1617525792809.jpg
content-length
18749
x-request-id
b6a608e8d7f2121d0fb2aa6a2fa17249
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 08:48:01 GMT
server
cloudinary
x-timer
S1617535086.442202,VS0,VE0
etag
"c482338068f23494146080678c811698"
x-served-by
cache-dca17730-DCA, cache-dca17748-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
b233ce8524cad98bf344d71759653e7f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b233ce8524cad98bf344d71759653e7f.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2edccccd61b8e78c3897a5fd222f87227e738553c54634a42ef4ecdb81e54ad6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2768139
edge-cache-tag
383119871205474938496842034232857444474,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 05 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b233ce8524cad98bf344d71759653e7f.png
content-length
51267
x-served-by
cache-dca17740-DCA, cache-dca17722-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17722_DCA
last-modified
Tue, 02 Feb 2021 00:06:59 GMT
server
cloudinary
x-timer
S1617535086.448400,VS0,VE1
etag
"4d64f3c798b96ebedd6342d871f51e76"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mol-video.woff
www.dailymail.co.uk/static/videoplayer/6.12.0/font/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/videoplayer/6.12.0/font/mol-video.woff
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/styles/mol-fe-videoplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4e89866ffba8b06a31d366ea9f6f5331f87fe29877bfce5381b78a46ddb7fd19

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://www.dailymail.co.uk/static/videoplayer/6.12.0/styles/mol-fe-videoplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Thu, 17 Dec 2020 10:11:18 GMT
server
AkamaiNetStorage
etag
"485a02e860743f3a21195c18ca687a40:1608199878.346213"
vary
User-Agent
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2588413
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
3376
expires
Tue, 04 May 2021 10:18:19 GMT
bridge3.448.1_en.html
imasdk.googleapis.com/js/core/ Frame E7AF 		578 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435bfd2298310eb82d20743c88f633bdf70633bfae20c394dd526a79ddefa566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.448.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193558
date
Wed, 31 Mar 2021 20:55:35 GMT
expires
Thu, 31 Mar 2022 20:55:35 GMT
last-modified
Wed, 31 Mar 2021 17:39:18 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
310951
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
41318972-0-image-a-9_1617525250118.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41318972-0-image-a-9_1617525250118.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d1bf06ce177b3cfe91c084d1d946fdbc3668cd4575ca0312409a1c568d006160

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
9585
edge-cache-tag
483379358396585141342703759212709461079,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.dailymail.co.uk/1s/2021/04/04/09/41318972-0-image-a-9_1617525250118.jpg
content-length
40672
x-request-id
9a945d6fbfa3ce55dccec99155705aa6
x-backend-name
CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
last-modified
Sun, 04 Apr 2021 08:37:56 GMT
server
cloudinary
x-timer
S1617535086.450827,VS0,VE0
etag
"d90732c30dd277e20cb1cbf45a34633e"
x-served-by
cache-dca17758-DCA, cache-dca12922-DCA, cache-fra19121-FRA
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
00e882684cf172127b286de95b21cfa7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00e882684cf172127b286de95b21cfa7.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1afd24017bd33359d395870b56ee7f6eae364be65814bbabde43f8c17ff19af3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1700223
edge-cache-tag
375270271752210692240939355830637670937,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Tue, 30 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00e882684cf172127b286de95b21cfa7.jpg
content-length
15534
x-served-by
cache-dca17754-DCA, cache-dca17748-DCA, cache-fra19121-FRA
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17748_DCA
last-modified
Sat, 27 Feb 2021 19:18:03 GMT
server
cloudinary
x-timer
S1617535086.452871,VS0,VE0
etag
"4e9a55fffe1ee8052a1b610f364fb2a0"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
126df4437e1f9ba3043d579b22edd827_1000x600_afe5b8a2b59014d5cb197d19e71573b5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/126df4437e1f9ba3043d579b22edd827_1000x600_afe5b8a2b59014d5cb197d19e71573b5.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4ea8e09e539bcb4dfe00f2656f49182fc3d3748178bbdb2ae28e0cda31ec7be3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1704976
edge-cache-tag
433783008445635331339915531670006686301,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 08 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/126df4437e1f9ba3043d579b22edd827_1000x600_afe5b8a2b59014d5cb197d19e71573b5.png
content-length
17884
x-served-by
cache-dca17756-DCA, cache-dca17725-DCA, cache-fra19121-FRA
x-backend-name
fastlyshield--shield_cache_dca17725_DCA
last-modified
Mon, 08 Mar 2021 05:16:02 GMT
server
cloudinary
x-timer
S1617535086.475305,VS0,VE1
etag
"f7c0e4be7454465ccc725145ce84c5d6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
225114
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Requested by
Host: js.spotx.tv
URL: https://js.spotx.tv/directsdk/v1/234272.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 04 Apr 2021 11:18:07 GMT
X-SpotX-Timing-Transform
0.000270
X-SpotX-Timing-SpotMarket
0.008493
X-SpotX-Timing-Page-Mux
0.001083
X-SpotX-Timing-Page-Require
0.000415
X-fe
144
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000025
X-SpotX-Timing-Page
0.012748
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000278
Last-Modified
Sun, 04 Apr 2021 11:18:07 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.008493
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.002170
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
225114
search.spotxchange.com/openrtb/2.3/dados/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Protocol
HTTP/1.1
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 04 Apr 2021 11:18:07 GMT
Content-Type
text/plain;charset=UTF-8
Content-Length
0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Sun, 04 Apr 2021 11:18:07 GMT
Cache-Control
no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers
content-type,x-openrtb-version
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
2592000
a7eb492f-ee77-4741-be48-47b27770ac84
crb.kargo.com/api/v1/initsync/ Frame D30B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsync/a7eb492f-ee77-4741-be48-47b27770ac84?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.128.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
crb.kargo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Date
Sun, 04 Apr 2021 11:18:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Krk-Reject-Reason
consent
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Connection
keep-alive
sync-success
klkstrm.kargo.com/event/ 		0
0
setABframe.js
www.newzit.com/static/1.54.7/ Frame 15E4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/static/1.54.7/setABframe.js
Requested by
Host: www.newzit.com
URL: https://www.newzit.com/setABframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
94788e3b5c932d7070014c95f02793ed287abf02f070d3ed1a2d2b1d95a75390

Request headers

Referer
https://www.newzit.com/setABframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:04:31 GMT
server
Akamai Resource Optimizer
etag
"ca05c92ae10a300d9d9f8e9fcf99cfbe:1616493756.947101"
content-type
application/x-javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1067
expires
Sun, 11 Apr 2021 11:18:06 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&pxm=&vb=21&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.dailymail.co.uk%2F%2Fnews%2Farticle-9433257%2F-&i=MAILONLINE_MINUTEMEDIA_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-hQUexBkFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=398&w=636&om=0&fy=318&gp=945&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&id=1&ii=4&f=0&j=&t=1617535086190&de=687129217303&cu=1617535086190&m=100&ar=e4967b0-clean&iw=ce6be00&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=51633&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A15%3A0&vp=64&vx=64%3A0%3A-&pe=1%3A1320%3A1320%3A0%3A2660&as=0&ag=32&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=64&pf=0&ib=1&cc=0&bw=32&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=64&cd=0&ah=64&am=0&rf=0&re=0&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=MINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER&bo=undefined&bd=undefined&gw=mailonlineminutemedia634421037781&zMoatDomain=dailymail.co.uk&zMoatSubdomain=dailymail.co.uk&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=980307376&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 04 Apr 2021 11:18:06 GMT
SiteEvent.dotmetrics
uk-script.dotmetrics.net/ 		316 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6NDYzNywiZmwiOnRydWUsImRvbSI6Ind3dy5kYWlseW1haWwuY28udWsiLCJmc28iOm51bGwsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS05NDMzMjU3L0luc2lkZS1IUS1DaGluZXNlLWN5YmVyLXJhbnNvbS1nYW5nLmh0bWw%2FbnNfbWNoYW5uZWw9cnNzJm5zX2NhbXBhaWduPTE0OTAmaXRvPTE0OTAmX2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotOFVaMEpudk9VUFJxLXBoeXJ0UkZlb0QwaS13dzVTZE1MRVdSRHJXNVBsN0h6V2dFU1dsTjk3RGV5UE5PNWJncF94bTUzSmtobF9Hc3FfM1JFb2tZLWp4eXpjNDkta3dVdnh3VjdoMmgtSUZhUkJNU00iLCJydXJsIjoiIiwicHZzIjoxLCJwdmlkIjoia24zMm1qYTIxeGptdm1qenU2NSIsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1617535086604
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/Scripts/script.js?v=177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-83.dus51.r.cloudfront.net
Software
Kestrel /
Resource Hash
5f74a3da6c33974e2a47b60839dbe7d5b48961aaf69f6e769a9ab1cdbd6aff02

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
xB34381UkhZ21IzlZ9-FSD5KgEeM1pBg7NdilcHhLDoL4sfMUgDNqQ==
casale
match.adsrvr.org/track/cmf/ Frame C81D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YGmgbnpO9fyfZTUURfDmcQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame C81D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:07 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C81D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YGmgbnpO9fyfZTUURfDmcQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG0ioR9-SVjXNpzsvgHH9w&google_cver=1&gdpr=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG0ioR9-SVjXNpzsvgHH9w&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG0ioR9-SVjXNpzsvgHH9w&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C81D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAp3iE_-clqUyeZkhm0TS04&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAp3iE_-clqUyeZkhm0TS04&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEAp3iE_-clqUyeZkhm0TS04&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C81D
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b6a146d5-da85-4cf4-8b6d-eebdeef1e630
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b6a146d5-da85-4cf4-8b6d-eebdeef1e630
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:07 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:07 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=b6a146d5-da85-4cf4-8b6d-eebdeef1e630
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
113
match.deepintent.com/usersync/ Frame C81D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame C81D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ab36069-a071-4700-b89b-5bfccf5e91b5&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ab36069-a071-4700-b89b-5bfccf5e91b5&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:09 GMT

Redirect headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
MT3 3628 75f709e master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1ab36069-a071-4700-b89b-5bfccf5e91b5&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Apr 2021 11:18:03 GMT
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame C81D 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YGmgbnpO9fyfZTUURfDmcQAA%261177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.88.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-88-36.compute-1.amazonaws.com
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:06 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
undefined
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
43
x-served-by
engine-production-i-070f7c1f8d3772eff
cs&eq_cc=1
um2.eqads.com/um/ Frame FCD2
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=184665&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5e93d9274cd8eb2b7258d96da1cc9bf5edc24c691f29c65bff43383e9cdbb6d7

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=acbbbd46-97bb-49dc-b0c7-c07f8299bd17
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 04 Apr 2021 11:18:10 GMT
pragma
no-cache

Redirect headers

date
Sun, 04 Apr 2021 11:18:10 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=acbbbd46-97bb-49dc-b0c7-c07f8299bd17; Path=/; Domain=eqads.com; Expires=Sun, 04 Jul 2021 11:18:10 GMT; Secure; SameSite=None
truncated
/ 		339 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa43023e804760a3afc30fd16ed1553246136329d7a3a871672b5ee8c7022fc2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a4055df87fb1d7107976b40c27409f42d0e58278bd88e24e49109f09a8de14d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0294 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1JUPyk0kFjqJVPmq8AOGy-tZuGgwSPE099zxrR1ZJ-N4yw08z1fVs0-XROFi_9mgEGOW3ZQXTDx9tNfDnBYYE2HuwG5e78EyEhC7MTmhePLAM4p8OYxsbkE1OKIR2Lk7Y706RZlRNji96fWXwFklYim_bzY_H-dF_kvIXFEgMupFbK6bfYtjuh4RkfD4P_zVDQOqaD6RzLNC6X5lSqPIyhn5ozXzQ0WrnA_vlNDjQKgl8heOupJRx_KQWYlsBaB_XZxLm7Nyr0r3vLVW-jxZr4Q79RD95K18JeV23fZTeTSdauTgpONf0KPbkT8TsTLe1cg0mojT_e47k4kMANSa_Wmv46_h_3T7B-jAcPDZ6G8QxQTp4C8CEF07s&sai=AMfl-YRH7U2LaUaU4vRlMUr2UukX6j8bxz6nXmhSz33MImF5TN3VpS8zqW6NKHhYis639g7QMFXplrRqe0zOq88bzpfg4GfKOO0FLHdFkpjB2jfFZBQsrhXIALrPA0Me9ENW&sig=Cg0ArKJSzEYb6_mi4zoWEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 04 Apr 2021 11:18:06 GMT
loader.js
cdn.taboola.com/libtrc/dailymail-dfpads/ Frame 0294 		103 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/dailymail-dfpads/loader.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.38.9 /
Resource Hash
e9919a25a67b3621c47628d913f9f3b2317630fd39c880f505a7388258870b18

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_VgXpulh6vh1yrXHhcBqYff0wVrpxZBD
content-encoding
gzip
etag
"e385fadcdd17235317acf60d9d9b53dc42140eb0"
age
8829
via
1.1 varnish
x-cache
HIT
x-from-cache
1
content-length
21561
x-amz-id-2
EWBj07kHttdCitjbieg+FDGy4F14inW1zLLov774oovv0NSKOGA+SgBmYDTOaBE5yJ+7TyBY/jI=
x-served-by
cache-fra19121-FRA
last-modified
Sun, 04 Apr 2021 08:48:20 UTC
server
obaker.93.1.2-11.38.9
x-timer
S1617535087.758719,VS0,VE1
date
Sun, 04 Apr 2021 11:18:06 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
R36VKKJ57W5YR6CH
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
6
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0294 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617218245166195"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36656
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:06 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617218226621639"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:06 GMT
topArticlesXP
www.newzit.com/api/30/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newzit.com/api/30/topArticlesXP?{%22key%22:%22newsGB%22}
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-xpmodule-news-search/1.15.2/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4e486f5794eb655bcd092e9871a59fa8857d727d60526096bcd575aa12c9114

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rs-ops
varnish-news-search-c2-fe:6081
date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
x-cache-origin
["78mqNl5u9aZH5BCvlNZuhy56nfstztXMFCv4OKRSk6k%3D","local(news-search-api-c1.rdg.mol.dmgt.net%3A24437)","sync"]
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=-14, origin; dur=23
accept-ranges
bytes
x-rs-ben
news-search-api-c1.rdg.mol.dmgt.net:4444
content-length
2011
expires
Sun, 04 Apr 2021 11:18:27 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=400x300%7C640x480%7C480x270%7C640x360&iu=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&description_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&correlator=3485632668830773&cust_params=playersize%3Dlarge%26mm_midroll%3D1&ad_rule=1&pod=1&us_privacy&vid=01f2e8x5gvhgrbdarr&cmsid=2555788&vpmute=1&sdkv=h.3.448.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=4198222906&sdk_apis=2%2C8&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&eid=418572006&dt=1617535086778&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ&scor=2257703427292300&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
85dbb85be92cd871f54f8cc28236e1c8393d8cacc0118a1f99764a6acbf8a527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
956
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
cdn.taboola.com/libtrc/ Frame 0294 		473 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-dfpads/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9915cb993f478467f5553d1870d367d6a174337f6691e5298c26977c392d067c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
234nJrNPWJCJ8vAMG7kaq3YpiIvfrcq4
content-encoding
br
etag
"461c8cd9f6f099c664c29b24c1c29aab"
age
27877
x-cache
HIT
content-length
111201
x-amz-id-2
K5Olxgi8rLSHRF9f/czrEjD0jqBUnX1qWd+hE3P1vf2Ugw1u454KdMPSsP5+Cbm0TIaVLgSGahU=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:26:16 GMT
server
AmazonS3-br
x-timer
S1617535087.817825,VS0,VE0
date
Sun, 04 Apr 2021 11:18:06 GMT
vary
Accept-Encoding
x-amz-request-id
QTK970NTT6XPT0PP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
17
x-cache-hits
3685
tr5
cdn.taboola.com/libtrc/ Frame 0294 		3 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=lr_fpp_var1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617535087.818169,VS0,VE0
x-served-by
cache-fra19121-FRA
x-cache
HIT
content-type
text/html
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
truncated
/ Frame 0294 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ffa160c3c98d65ac623bec9d6afee4a294f79da61d1b5248405f1dd0e726bc7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
st
imprammp.taboola.com/ Frame 137B 		973 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish
x-served-by
cache-fra19121-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1617535087.918888,VS0,VE11
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame F872 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Sun, 04 Apr 2021 11:18:06 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3405
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706985&noaop=3&sortOrderType=0&cb=1617535086907&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1212&pt=-1189359739&tz=120&viewable=true&ddast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1182345&dpubid=223815&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1ca098a256cae2c393c7a8c24f12d8ea94842d151d6a04a826961525d5bfe84

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1463
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19121-FRA
pragma
no-cache
server
nginx
x-timer
S1617535087.923242,VS0,VE60
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=31589837&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1617535083067.4622!ts:1617535086902&mntl=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-length
0
server
nginx
truncated
/ 		232 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
465fe72514f81fccb7dc41806add85abf16d815f3a3831ceca98bb85475e1d4f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
st
imprammp.taboola.com/ Frame E2DC 		973 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Sun, 04 Apr 2021 11:18:06 GMT
via
1.1 varnish
x-served-by
cache-fra19121-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1617535087.937071,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 85DD 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Sun, 04 Apr 2021 11:18:06 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3402
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=31589837&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1617535083067.4622!ts:1617535086921&mntl=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:06 GMT
content-length
0
server
nginx
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 3400 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190062
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3400 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190051
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3400 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3400 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3400 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
css
fonts.googleapis.com/ Frame 3400 		6 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 11:09:15 GMT
server
ESF
date
Sun, 04 Apr 2021 11:18:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Apr 2021 11:18:07 GMT
css
fonts.googleapis.com/ Frame 3400 		4 KB
690 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 11:18:00 GMT
server
ESF
date
Sun, 04 Apr 2021 11:18:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Apr 2021 11:18:07 GMT
truncated
/ Frame 3400 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4c7bd52329a768d28d0c4d688b0cf5752704b610a1e8bef8a1943b02a853f0a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/2770387613974446486/ Frame 3400 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2770387613974446486/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoImQMQ1gEYASABLQAAAD8wmgM41gFFAACAPw&rs=AOga4qm9vlmmPVr_7fPBbbg403PArqGeAQ
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
144798287486de761bf37f93e9cc80633d813fcd056dff39214248d76f7ff0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Jan 2021 13:40:26 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29511
x-xss-protection
0
expires
Mon, 04 Apr 2022 11:18:07 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8652244639305886014/ Frame 3400 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8652244639305886014/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlRL19UYViyg2Syhdg42IAadV2Brw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1f0c468601b2c672c460708077388a4a4994a909e086fdaa6dfdba70e636cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 10:31:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Sep 2019 02:36:06 GMT
server
sffe
age
348418
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2971
x-xss-protection
0
expires
Thu, 31 Mar 2022 10:31:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3400 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYwFobqBpYOT7KIeix_APgZmp8Arrgr_yYc65tuHrDM_hx9STDhABIKzZuCJgufjHgNwBoAHv6auYA8gBBqkCf4XTpoa6sz7gAgCoAwHIAwqqBK0CT9Awi5tVWR3jfVQyDRcB6V-EfWHOwHHkA9qYznLwVaZgR5WI5VrhvcE4UOAHZC6lgJt5zEgQuoom8yDwjfwRPA44A5tLaDRCON8dWFMD919GbgkqeYRvMD07BD5iQjSX7rdvw2HItHyP_WF8DsigEgWCrwO15Tsum5BVil1EQAba2p8I_YxfiQ3YM7WyKpUwJ9V4SO_z9EKl4qEvgKzD24LwEIp7MB8Xpbip8Vi9TLCaCh3XKqosj8p8qRRV7_scVI-BGS_gB48YIG0CKwG9bCdTZdTvHGG3S2-yojl93wjMk-NHHrEUBpHsW8GizAQEqtd1vuajFUnXo698XQ_tEDsfUlysFWhVwaWS_3MOD2g5EmTShKSgtYyfDI11vbCqDfIyEIa_nT4O5UApH8AE4eiemf4C4AQBkgUECAQYAZIFBAgFGASgBjeAB_mV1GeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ9NsZ0ggJCIDhgFAQARgdgAoDyAsB2BMMshcaChgIABIUcHViLTQxODA4MzU2OTQxNjYyNTU&sigh=gvk2x4YEysg&template_id=492&tpd=AGWhJmvYSy3JetJOvn1QfqG6jtuVbsnwc81ilbVUmduS3ktVMQ
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3400 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3400 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0294 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssib8XoA5JFxF4QPvKhb29xSKGZAsLBrG7ImMCxrB3WRMcnln2s02m7DFUzAxX5eW9sR_yG6liG418e8P_9Abe4DwcQA3Zi9-UjcDN5-rkDaB5QyJveBS4vpkYniX6-d37L3i4SpcImkXHpLh0xPxlebuI31EgtmAgoAWe2jIonSjxQCZeWE0hO3UXlWMTH9bz3_LQxiKw8fOr9U_9joCWJoOmYQUsduEcLlDN7bIed1O56og3KlmFGXSlD4ZKlO9SDxHFk7km_CsKXcFlMBl0kMPvyjWh8jrQf-B7JgdimV_u6xSvn0qobJbhAHzeILHu4_rk1dCmiTYeGe6BEusG8WA&sai=AMfl-YRVPdULnfOWuweNzHPvtWKLN89hgSp1Z60BztwVsGUX6r1QMGkJy7gF2LjwXoTRsZM5v_oaFadgkUR3vVWkhGg4lNXMCfrqaJ5Lh9R3fQROosHWO8PZGnHxS418pR8a&sig=Cg0ArKJSzIDIZhxO3kUEEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 04 Apr 2021 11:18:07 GMT
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/29_4_5/infra/ 		633 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9025656e529d4cae4144388137739bbe819cdf38001361e727b808c4120aa1c8

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
via
1.1 varnish
age
1040897
x-amz-meta-mtime
1616493987
x-cache
HIT
x-amz-meta-ctime
1616494156
x-amz-meta-mode
33188
content-encoding
br
content-length
114372
x-amz-id-2
0cFAeqKc8FRAra7ddfX8DMtCZ5qVwB+agwxgRPev/4fteeR/UVO3tqArXIPZXCjT9MTbbcQgAU0=
x-served-by
cache-fra19136-FRA
accept-ranges
bytes
last-modified
Tue, 23 Mar 2021 10:09:18 GMT
server
AmazonS3-br
x-timer
S1617535087.083587,VS0,VE0
etag
"d55b9a61210e205f16efbcf372c65ba6"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
1MWG3D340ZXKRXJ8
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
297697
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_4_5/assets/css/ 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_4_5/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7427a116d79e96b86d83e53a1008f2a7bdf70f5bef2f5756edb2da0c73519808

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
via
1.1 varnish
age
1040899
x-amz-meta-mtime
1616493987
x-cache
HIT
x-amz-meta-ctime
1616494106
x-amz-meta-mode
33188
content-encoding
br
content-length
7702
x-amz-id-2
lyH/1JRdUUBVoqwPZ+4VuiFKNYQ2hIjU67JYU4h1RSBtwXnCQ5SJwOT5VN66oUKYzf3gKEwaYO4=
x-served-by
cache-fra19121-FRA
accept-ranges
bytes
last-modified
Tue, 23 Mar 2021 10:08:28 GMT
server
AmazonS3-br
x-timer
S1617535087.305663,VS0,VE0
etag
"f265691e8bdb158dc63dacde1204f88c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
JFVHG5WHDESG4QCR
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
304203
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535087077&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame F872 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame F872 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame F872 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F872
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Sun, 04 Apr 2021 11:18:07 GMT
server
nginx
x-fastly-to-nlb-rtt
5240

Redirect headers

Date
Sun, 04 Apr 2021 11:18:07 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
55
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame F872 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.46.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3400 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
177270
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3400 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=fr
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
177270
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 137B 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 137B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 137B 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 137B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
0
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sun, 04 Apr 2021 11:18:07 GMT
server
nginx
x-fastly-to-nlb-rtt
5643

Redirect headers

Date
Sun, 04 Apr 2021 11:18:07 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
74
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 137B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&cmcv=&pix=undefined&cb=1617535086902&uv=2945&tms=1617535086902&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=35E53589A6505602671378324873&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.46.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 85DD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 85DD 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 85DD 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 85DD
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
0
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.64:10213
date
Sun, 04 Apr 2021 11:18:07 GMT
server
nginx
x-fastly-to-nlb-rtt
10573

Redirect headers

Date
Sun, 04 Apr 2021 11:18:07 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 85DD 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.46.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame E2DC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame E2DC 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame E2DC 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E2DC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sun, 04 Apr 2021 11:18:07 GMT
server
nginx
x-fastly-to-nlb-rtt
10573

Redirect headers

Date
Sun, 04 Apr 2021 11:18:07 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=6d8eb438-9537-11eb-b382-1669d4c93106&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
11
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame E2DC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4901665&dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&cmcv=&pix=undefined&cb=1617535086921&uv=2945&tms=1617535086921&abt=adh5c-1_vA!insc_vA!lapams_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=F545242F7720894090381909489&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.46.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3400
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/2770387613974446486/ Frame 3400 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2770387613974446486/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoImQMQ1gEYASABLQAAAD8wmgM41gFFAACAPw&rs=AOga4qm9vlmmPVr_7fPBbbg403PArqGeAQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
144798287486de761bf37f93e9cc80633d813fcd056dff39214248d76f7ff0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Jan 2021 13:40:26 GMT
server
sffe
age
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29511
x-xss-protection
0
expires
Mon, 04 Apr 2022 11:18:07 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8652244639305886014/ Frame 3400 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8652244639305886014/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlRL19UYViyg2Syhdg42IAadV2Brw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1f0c468601b2c672c460708077388a4a4994a909e086fdaa6dfdba70e636cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 10:31:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Sep 2019 02:36:06 GMT
server
sffe
age
348418
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2971
x-xss-protection
0
expires
Thu, 31 Mar 2022 10:31:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3400 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3400 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 3C1D 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190062
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3C1D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190051
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3C1D 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3C1D 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3C1D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C1D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C1D 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
truncated
/ Frame 3C1D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
421c4659e20aac02c9cd2e70c4d6ff06351ffcdbc8d2eee621841c6a5b825293

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9669252808277236845
tpc.googlesyndication.com/daca_images/simgad/ Frame 3C1D 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9669252808277236845
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cee1528c945640c0054ddfe277e7845d3d67fe9ecd999e2cedc82cfa98cc6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
age
177270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75361
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 13:32:59 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 10:03:37 GMT
l
www.google.com/ads/measurement/ Frame 3C1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD1Z29I22UGdkLMMv5udEtDnN5u_q5BYwDoB_fL4N_6lXXGXu3rO-OAZ9fN14pl6yGs1Fs
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3C1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CB2uBbqBpYMSBOJbj-gbch4P4CtOqi5Ni6K6ngO0N06WR55AOEAEgrNm4ImC5-MeA3AGgAYPArpUCyAEC4AIAqAMByAMIqgSxAk_Qyb0gJHH4c1-51C4M1zL2nWD1hcULLpQ2gucDKOI6hWVKM7KZAr3p5bxiwmPco2JkS_jtbGPAsj2iwVdTJJDQb8O-JGRx1IrZldfcpDtK7JLN3vVChNJ7MBktWOjvNSyEZSogzLcFLeLtkhReyvWdiOnmE-6_8bSvx2Trug4yZoG1CcD6k7vrFUocp2TSzYvx_mT3T83ckcM-ghliqMPnvngtqrVwE22NcTnDH7e_Sj7zvSpC1Q7xKyf12BS4bPDzAV1WIbvp4ygHZrz8m0QSU6Z63ewd4QBes6PMjUwXLnNrNy1ggkpq-5UuQZ8IHJgs9tuMbABuSD2ddiemJPF78F9BMB0zO4CshxYnaDlCLiJ37gxcYjGmTugrF9FHHl04RT2OXgHRG7plIVr2qw5twATNs-ScswPgBAGSBQQIBBgBkgUECAUYBKAGAoAH5b_R6gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ8C7SCAkIgOGAUBABGB2ACgPICwHYEwKyFxoKGAgAEhRwdWItNDE4MDgzNTY5NDE2NjI1NQ&sigh=fYiIMP-dW4g&tpd=AGWhJmscPpKivsjtd4vpk2Ifa313YX46B9dvkN0To0ahQG1csw
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401367413466420&ev=PixelInitialized&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&rl=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&if=false&ts=1617535087367
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 04 Apr 2021 11:18:07 GMT
collect
www.google-analytics.com/ 		35 B
102 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 05 Apr 2021 11:18:07 GMT
bulk
trc.taboola.com/dailymail-row/log/3/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-row/log/3/bulk?route=AM%3AIL%3AV&lti=lr_fpp_var1&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
161
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535087.445472,VS0,VE161
x-served-by
cache-fra19121-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535087439&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&pxm=&vb=21&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINE_MINUTEMEDIA_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-hQUexBkFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=398&w=636&om=0&fy=318&gp=945&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&id=1&ii=4&f=0&j=&t=1617535086190&de=687129217303&cu=1617535086190&m=1283&ar=e4967b0-clean&iw=ce6be00&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=52530&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A15%3A0&vp=64&vx=64%3A0%3A-&pe=1%3A1320%3A1320%3A0%3A2660&as=1&ag=1222&an=32&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1222&kw=1022&aj=1&pg=64&pf=64&ib=1&cc=1&bw=1222&bx=32&ci=1222&jz=1022&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=64&ah=1022&am=64&rf=0&re=0&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=MINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER&bo=undefined&bd=undefined&gw=mailonlineminutemedia634421037781&zMoatDomain=dailymail.co.uk&zMoatSubdomain=dailymail.co.uk&hv=MAILONLINE_MINUTEMEDIA_DISPLAY1-minuteMediaPlayer&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1176301417&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 04 Apr 2021 11:18:07 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 5ADA 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190062
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5ADA 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190051
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5ADA 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5ADA 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 5ADA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
9669252808277236845
tpc.googlesyndication.com/daca_images/simgad/ Frame 5ADA 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9669252808277236845
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cee1528c945640c0054ddfe277e7845d3d67fe9ecd999e2cedc82cfa98cc6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
age
177270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75361
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 13:32:59 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 10:03:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5ADA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5ADA 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
truncated
/ Frame 5ADA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5330ed2d6835b215105836f934e85bbf925104785923c35d6dc77f540fa48736

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 5ADA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm181b6BpYIm4DIuf-gb5pKSQCtOqi5Ni6K6ngO0N06WR55AOEAEgrNm4ImC5-MeA3AGgAYPArpUCyAEC4AIAqAMByAMIqgSrAk_Qn-LMy-qUFHhgrYu_srgZScC2qeFtGek_5XyJE9uE0M6ZsoyU50Dp_to1w68j1XCsBeRkOMJOLzruUAR_2XtPBzlrnIFJ7weuFfhFlQIf3kpcFyKe_RJSXMGY_rILrIY2K83ZZ-Ke9wgc8qnvA7aajF-VS6riAenDBYw65xdYEHajVP4apPCn3hLn_MTVZcZ8D5Gpcys4nfWAM1424qmZkllYj7jjbIdvtN5QyjaypUduQTROB5v38LUvqIOJjHHw2heA_HMdBgJf7dONy0gKSDoYwsCAQsfxXb4Ro_MjapXzX29dK6ZCxPuClKPWN9IhsFlaPGyu29Wtm7nzux-wzaKp57Blyg3-sFLTn--RavKvZeaAL-D54_Rd-Yu_GbgtllfKa2Np6NNrwATNs-ScswPgBAGSBQQIBBgBkgUECAUYBKAGAoAH5b_R6gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQj7gD0ggJCIDhgFAQARgdgAoDyAsB2BMCshcaChgIABIUcHViLTQxODA4MzU2OTQxNjYyNTU&sigh=HHbZ7PoVhBk&tpd=AGWhJmtidbaUAsoX50IahhSuPQVBQnJggzYH8uzqZrvkCYfXEA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
26405
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1617535088.524060,VS0,VE0
date
Sun, 04 Apr 2021 11:18:07 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
42
x-cache-hits
17048
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C1D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
9669252808277236845
tpc.googlesyndication.com/daca_images/simgad/ Frame 3C1D 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9669252808277236845
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cee1528c945640c0054ddfe277e7845d3d67fe9ecd999e2cedc82cfa98cc6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
age
177270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75361
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 13:32:59 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 10:03:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C1D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3C1D 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
json
trc.taboola.com/dailymail-dfpads/trc/3/ Frame 0294 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-dfpads/trc/3/json?tim=13%3A18%3A07.532&lti=lr_fpp_var1&data=%7B%22id%22%3A35%2C%22ii%22%3A%22%2Fnews%2Farticle-9433257%2Finside-hq-chinese-cyber-ransom-gang.html%22%2C%22it%22%3A%22other%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed%22%2C%22uifp%22%3A%22cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed%22%2C%22lbt%22%3A1617525152803%2C%22vi%22%3A1617535084807%2C%22cv%22%3A%2220210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A4962%2C%22btv%22%3A%220%22%2C%22lspb%22%3A%22CwsIQhCmlGkMCwiJARCmlGkMCwiRARCmlGkMCwggEKaUaQwLCKEBEKaUaQwLCKIBEKaUaQwLCCQQppRpDAsIJxCmlGkMCwirARCmlGkMCwitARCmlGkMCwiuARCmlGkMCwivARCmlGkMCwiwARCmlGkMCwiyARCmlGkMCwi1ARCmlGkMCwi2ARCmlGkMCwg7EKaUaQwLCD0Qx8VoDAsIPxDm_WgMDBMU%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-o2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnasils-b-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22300x250%22%2C%22orig_uip%22%3A%22300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22lr_fpp_var1%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b3b8a709747a0f6ccaacb7d66686e51598b9774396bd366c74d942225f0e42d9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
146
date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
server
nginx
x-timer
S1617535088.549078,VS0,VE146
x-served-by
cache-fra19121-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 05 Apr 2021 11:18:07 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&pxm=&vb=21&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINE_MINUTEMEDIA_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-hQUexBkFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=398&w=636&om=0&fy=318&gp=945&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&id=1&ii=4&f=0&j=&t=1617535086190&de=687129217303&cu=1617535086190&m=1285&ar=e4967b0-clean&iw=ce6be00&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=945&lb=52530&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A15%3A0&vp=64&vx=64%3A0%3A-&pe=1%3A1320%3A1320%3A0%3A2660&as=1&ag=1222&an=1222&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1222&kw=1022&aj=1&pg=64&pf=64&ib=1&cc=1&bw=1222&bx=1222&ci=1222&jz=1022&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&rf=0&re=0&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=MINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER&bo=undefined&bd=undefined&gw=mailonlineminutemedia634421037781&zMoatDomain=dailymail.co.uk&zMoatSubdomain=dailymail.co.uk&hv=MAILONLINE_MINUTEMEDIA_DISPLAY1-minuteMediaPlayer&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=123245015&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 04 Apr 2021 11:18:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7456 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6e38OJQmmtB6SjTlrGT_hYa4Li4yTmEJihU53e1dRp8H_FgTm65UBAxonZSHZIuWMJy8tadzdUjR2HRW_Xjg7_BSR_m7O_eZJ1ckNGieC0CxHRzI4gUwZKElAOqIdsOBMEVOQPDeicMg9AhQWF8e939oJzqlraZozJpcyLzwgQquGSFC-XI2zP5pY0Gtu75qyACn6W4Hkn3bWOT33EU2KSv4awRzbZNxfNCb8Yv5a7FjyWVM2taTpZJRqfkgxB7tN0OjS0d8cBYTPHpw7L0wT2t3YsOgTlktqa6XMFYL_5azUKac0h4xFLIlBK2U-zs5spNfK4rVNlqezxaDPJBm9X-58pxhOOQ&sai=AMfl-YTu5rDm1TIoeGoL2E6lpqkfll7pJNl8ne62NFhs_jkTSW3bhGjNg0VAbz3s59PBblhkISx0N1WKtl8U0-AQ_6VLKVtTZsp53QL5BxqxPWJLA2idsg6_bPIPACDxlhXm&sig=Cg0ArKJSzF97VySvi4ULEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
29d99919-081e-472b-b98e-ef8e991ea6b3
player.ex.co/player/ Frame 7456 		610 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
219268357365f92e55111847e137f1871e7ab7920a30fb68288e4df7c8821e78

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
age
3030
x-cache
HIT
access-control-max-age
600
content-length
186750
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1617535088.638335,VS0,VE2
etag
W/"987af-gwooNXedDjz6fUwFlLYrs/vbea4"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7456 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617218245166195"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36656
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5ADA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
9669252808277236845
tpc.googlesyndication.com/daca_images/simgad/ Frame 5ADA 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9669252808277236845
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cee1528c945640c0054ddfe277e7845d3d67fe9ecd999e2cedc82cfa98cc6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
age
177270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75361
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 13:32:59 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 10:03:37 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5ADA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5ADA 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
truncated
/ Frame 7456 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c64bacfaa6098804eca868f9a267a073efef52fa857b232530af75eed736dcb8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=3&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535087691&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 0294 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
78aES2K9e_BQ1VejaFN0QXuuayHCrT6B
content-encoding
gzip
etag
"1da06556d096c84420c24cf4a174b8a5"
age
5632
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4389
x-amz-id-2
A6oFNJBTuAIg0W4OW+iYyDmCfnDWBJCiyuPOXsgsx0oD8GygdRI1oQQQr2Ef9a18FqtOUyoZadE=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 31 Mar 2021 09:42:57 GMT
server
AmazonS3
x-timer
S1617535088.747179,VS0,VE0
date
Sun, 04 Apr 2021 11:18:07 GMT
vary
Accept-Encoding
x-amz-request-id
341Z0AMRAM6ZJZ2G
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
42
x-cache-hits
43210
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 0294 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FyU75WazRsiEew8mV1P.ejYIF3IEfCEj
content-encoding
gzip
etag
"fa3c5d1be5ff23d2bbc39878e37cc0ec"
age
21750
x-cache
HIT
x-amz-replication-status
PENDING
content-length
749
x-amz-id-2
1I/L+AiRXIfkyPP3JvgAzpIOn2hbxJyWkgGqk2v091V9V0QDWMmo3vnbV9T/UJGaDerlVZftXN4=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 17 Mar 2021 13:13:46 GMT
server
AmazonS3
x-timer
S1617535088.747121,VS0,VE0
date
Sun, 04 Apr 2021 11:18:07 GMT
vary
Accept-Encoding
x-amz-request-id
S947MPC9C9C9NDWK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
42
x-cache-hits
240791
tfa-eid.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ Frame 0294 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-dfpads/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6900c79dc613cdfa5479f19fbc6888af11561bee2286c04b4af9de762a8705f2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
d__hCb5NW0XieEGIS2fRsEYBSq3xxv2d
content-encoding
gzip
etag
"6d7fc9005c04f1df096ea2d3dbbfbe2e"
age
113
x-cache
HIT
x-amz-replication-status
FAILED
content-length
4917
x-amz-id-2
MVlOag8nP+tQXFErQyvLJjUffXSIQV+y8Say1syXptM3+Ad0sy0egeODaF/JVeVfykDTkrgtptg=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:26:55 GMT
server
AmazonS3
x-timer
S1617535088.748096,VS0,VE0
date
Sun, 04 Apr 2021 11:18:07 GMT
vary
Accept-Encoding
x-amz-request-id
2SZQSQM8EZ2JJDMH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
42
x-cache-hits
8
sha256.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ Frame 0294 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-dfpads/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cfc55d698f3e53876435b6fd603c29e1f8a4d8b7183829f01820781cf115884

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iCXP9jNnm5JTew9ZY0ip2aywJ0dIYQHk
content-encoding
gzip
etag
"3a9c4a9d5c9ab4639cb8b059a7497785"
age
74
x-cache
HIT
x-amz-replication-status
FAILED
content-length
2657
x-amz-id-2
K0KXdEZLs3/xiXmwLiJ7acv2rlwWMBTbMLVYq0FOgGzIB4ysYaP/dd2ZUmUUb9PTxsYCUFpIocY=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:26:45 GMT
server
AmazonS3
x-timer
S1617535088.748311,VS0,VE0
date
Sun, 04 Apr 2021 11:18:07 GMT
vary
Accept-Encoding
x-amz-request-id
2SZGQ7XFT23W7VVM
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
42
x-cache-hits
3
userx.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
cdn.taboola.com/libtrc/ Frame 0294 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-dfpads/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50434859133c202645fe2e1a75e65ecada69675501f31e4599c89a586727aeb1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mBTZPoIhNoad1a2Fi62wKHiNF4nrEYv1
content-encoding
gzip
etag
"e277fb0b7611ca6cd0d7793221aa9070"
age
72
x-cache
HIT
x-amz-replication-status
FAILED
content-length
7918
x-amz-id-2
oONMQl7rdhFpaLvIXmu7qV17n3rRT67t0vSaqmIYTiB0oFPL9EWEN+8vrxc+m2Nyy5Y+RDe1vHg=
x-served-by
cache-fra19121-FRA
last-modified
Thu, 01 Apr 2021 11:27:00 GMT
server
AmazonS3
x-timer
S1617535088.755266,VS0,VE0
date
Sun, 04 Apr 2021 11:18:07 GMT
vary
Accept-Encoding
x-amz-request-id
7AQJ3718MVG1G1DB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
42
x-cache-hits
4
fix-user-id
trc.taboola.com/dailymail-dfpads/log/3/ Frame 0294 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/dailymail-dfpads/log/3/fix-user-id?lti=lr_fpp_var1&ri=e0481a8962fa3b5a86a2363e30c83484&sd=v2_6506279e81cfaa9bb529ed6ecad6f7fb_d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef_1617535087_1617535087_CNawjgYQsO1OGIfS6uSJLyABKAMwFjjqxgdA4IYQSOzr2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&pi=/news/article-9433257/inside-hq-chinese-cyber-ransom-gang.html&wi=-2586801516199951047&pt=other&vi=1617535084807&time=1617535087731&fromUser=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&toUser=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&toSD=v2_6506279e81cfaa9bb529ed6ecad6f7fb_d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef_1617535087_1617535087_CNawjgYQsO1OGIfS6uSJLyABKAMwFjjqxgdA4IYQSOzr2QNQ____________AVgAYABosa_ptcr9986tAQ&tim=13%3A18%3A07.731&id=2780&llvl=1&cv=20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT&
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535088.755248,VS0,VE68
x-served-by
cache-fra19121-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
events
prd-collector-anon.ex.co/main/ Frame 7456 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.142.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Apr 2021 10:52:46 GMT
server
ESF
date
Sun, 04 Apr 2021 11:18:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Apr 2021 11:18:07 GMT
80882725-fdd4-4268-8547-1c71b33cff69.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/ Frame 0294 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/80882725-fdd4-4268-8547-1c71b33cff69.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e3319b4083e3677f749899da353a9ba29bb56baf064eb5126dda438d32b347f9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 04 Apr 2021 11:18:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
937043
edge-cache-tag
352089440218326332410027525645372019751,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/80882725-fdd4-4268-8547-1c71b33cff69.jpg
content-length
33170
x-request-id
a404016013f12fc73df2855be8e1fb06
x-backend-name
fastlyshield--shield_cache_dca17755_DCA
last-modified
Wed, 24 Mar 2021 14:22:53 GMT
server
cloudinary
x-timer
S1617535088.842239,VS0,VE1
etag
"af30073d291beaf0e9d7f4b61fc3bcd9"
x-served-by
cache-dca17741-DCA, cache-dca17755-DCA, cache-fra19121-FRA
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
view
securepubads.g.doubleclick.net/pcs/ Frame 7456 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYZqgPUrxJJGLWV8B440AfAiu8ov_WoTr1Jw1Yb4_e-mr6GA7Nsz11-Ycc4aprblJ1B8JwQlYfyzusuHgFfFT28vCcvDOzBo3_uvRy10BXwsb0m1RisIDgD4Ucut48hmbZehUlLUA65px_BBtQQWXa_2XI_iD8qHCBW59kbPe7DwAmp8lFuTld4UnydfLu8BMVxfM-HzVdnX1qjGMqhNDlnvio0sGbpA6QVNMA6RsCjoZN1yqsX2d2B7Fp1HL9KzEQzpzTRAtUkkRE1qekkQ220tUc_4hDmlVBzAYOhlswr-Go_kvmkcxQ5XyQodmhW3RL9gMprAcfsrQwF6NWyCLmDDxpfmRgOLpG&sai=AMfl-YSUyWS7ibnOcl42zkucBcNj5e7XCRXRqMHdTqyRGn5QW-DrcBiHmJ537utNz2rIflFZplbRl7hZPIiptZTojhhq0TvUCRQlG7OCImFevDuOtcZycap6OBwHFGjf-EPk&sig=Cg0ArKJSzJkG-IWiZE2LEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 04 Apr 2021 11:18:07 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 65E0 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190062
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 65E0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190051
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 65E0 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 65E0 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 65E0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190127
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 65E0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74473
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 65E0 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46862
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
truncated
/ Frame 65E0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b70e4c90ecda74626e7dfb7374051b94ab28d316e5d89930a8ddd8b6c764e4aa

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
3690992069012277969
tpc.googlesyndication.com/daca_images/simgad/ Frame 65E0 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3690992069012277969
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06b867a218a1e78ca8f45eabd695546cb53e3e2a560f25075cdcbefe95b338ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 18:44:11 GMT
x-content-type-options
nosniff
age
146036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107544
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 14:30:03 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 18:44:11 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 65E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxNmNb6BpYMDGINqsgQfb75jQB4qH8o9ix6mo9LUN8p7coNQBEAEgrNm4ImC5-MeA3AGgAfGD_ZUDyAEC4AIAqAMByAMIqgS0Ak_QRtfeG8coqVuWwX3MBYs8mcRC3m6FshHxDDiKyi7U2U3QLDIY6fpQ21ML1ORWv6adTQFH0riZwslBksRdhh4kDu2HlDZg2HqsQFHLkwHeYJBax7D78EaLwrgRSf6mFRryKGtQtJGhUcJ_Bmf_AmCxBQXsjg0m6M-AIqo4GT9yY8QeBPLAgW8r9dWcX4-LLgpO7nU8URDmiZtSOQn42gWNPi5nONzttJV8dWvoNahjXbWkvT86AsPvPMegdUAyU-35YixWWjL2MgoiC5H8UjNyouCWobnbicDvkJ68WlC3wEApO2vNPJK53jfA6s7CHjkQVmCdrnXHXF9EFizzqbvHcuva9e6Y3z9VLXLKOuFtNgZHNq1GoXi5VG3JQb1-uUJ-PfEiFML41uUJCEvaK5mNz5l3wAT958ONugPgBAGSBQQIBBgBkgUECAUYBKAGAoAH-722aqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCPuAPSCAkIgOGAUBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItNDE4MDgzNTY5NDE2NjI1NQ&sigh=8ENCUiZrPeU&tpd=AGWhJmvCUX49E1cytRjeYIJV13ZRKmWEzOACyMmJn81KXHvEGQ
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
events
prd-collector-anon.ex.co/main/ Frame 7456 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.142.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
hls.min.js
player.avplayer.com/script/2/2.55/libs/ Frame 7456 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::214:846e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxu1dKx6LlJTShyUwnH-A8MNGa0Uc6ftZ309G_-PcBZA5zvnETlHpLPodazavG4SLH2uWEOVwch5l9bsL9fxLc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Apr 2021 11:23:07 GMT
truncated
/ Frame 7456 		548 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7456 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7456 		478 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7456 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7456 		365 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
29d99919-081e-472b-b98e-ef8e991ea6b3_1607607027960.png
cdn.playbuzz.com/logos/ Frame 7456 		28 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.playbuzz.com/logos/29d99919-081e-472b-b98e-ef8e991ea6b3_1607607027960.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b75f6e93a461b38db8a4f7f230cd6739a2ac0c090320eddfd439edaa370353e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Dec 2020 13:30:28 GMT
server
AmazonS3
etag
"0f4e3263f83025d873032197aa963c4b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
27620
AVmanager.js
player.aniview.com/script/6.1/ Frame B3C2 		332 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
26352e7aa0979f5e5a13c11ee8955a5babfd0f93870eb68f41b93be02f30339e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:07 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxPFixa-IdkwPdbfSEAHAA20D9KVSl53bEfs6ZLHT-Yfe4EcOlCj1iRdcBlz-R2-AA_UmPb-UK-iaivOUjYq0zwesp6dw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95852
last-modified
Tue, 16 Mar 2021 07:30:21 GMT
server
UploadServer
etag
"723ce3d7f7640dfa2df80899dc537a63"
vary
Accept-Encoding
x-goog-hash
crc32c=64OWOg==, md5=cjzj1/dkDfot+AiZ3FN6Yw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1615879821497594
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95852
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Apr 2021 11:23:07 GMT
track
atrack.avplayer.com/ Frame 7456 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1617535087869&cid=5fabf6ba51757f2075197397&cou=BE&AV_PAGE_LOAD_UID=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_CDIM4=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
events
prd-collector-anon.ex.co/main/ Frame 7456 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.142.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame CF6C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b&tbid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&query=taboola_hm%3Dd7411bc5-e718-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b&tbid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&query=taboola_hm%3Dd7411bc5-e718-472f-ad9d-ed4b729e745b&isDirect=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535088.337584,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19121-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=d7411bc5-e718-472f-ad9d-ed4b729e745b&tbid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&query=taboola_hm%3Dd7411bc5-e718-472f-ad9d-ed4b729e745b&isDirect=0
tbl-x-upstream
10.40.0.134:10213
date
Sun, 04 Apr 2021 11:18:08 GMT
server
nginx
x-fastly-to-nlb-rtt
7850
sync.php
pixel.rubiconproject.com/exchange/ Frame CF6C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame CF6C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=ocHj0BWGKe3O&ev=1&orig=trc&pid=562107
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=ocHj0BWGKe3O&ev=1&orig=trc&pid=562107
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sun, 04 Apr 2021 11:18:15 GMT
server
nginx
x-fastly-to-nlb-rtt
6291

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=ocHj0BWGKe3O&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-tzmr4
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame CF6C
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4067890039530243391&orig=trc
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4067890039530243391&orig=trc
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sun, 04 Apr 2021 11:18:08 GMT
server
nginx
x-fastly-to-nlb-rtt
8385

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:08 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid
f5c2dc5b-5a23-42dd-873f-d3916196668e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4067890039530243391&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame CF6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKVgxIIWg9dP-FFSUJ9CiPU&google_cver=1
0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKVgxIIWg9dP-FFSUJ9CiPU&google_cver=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sun, 04 Apr 2021 11:18:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535088.142489,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19121-FRA

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKVgxIIWg9dP-FFSUJ9CiPU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CF6C 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed:$UID
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:10 GMT
X-lat
lhrpug005:0:563
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame CF6C
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
tbl-x-upstream
10.40.0.195:10213
date
Sun, 04 Apr 2021 11:18:08 GMT
server
nginx
x-fastly-to-nlb-rtt
9025
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame CF6C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7
0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sun, 04 Apr 2021 11:18:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535088.255362,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19121-FRA

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame CF6C
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:21 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame CF6C 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-cvmjk
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame CF6C 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
dsp.adkernel.com/ Frame CF6C 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:08 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
put
e1.emxdgt.com/ Frame CF6C 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:09 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CF6C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0ad51a2a-2751-42b8-a521-d54ba8a305a6
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0ad51a2a-2751-42b8-a521-d54ba8a305a6
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.222:10213
date
Sun, 04 Apr 2021 11:18:08 GMT
server
nginx
x-fastly-to-nlb-rtt
7378

Redirect headers

pragma
no-cache
x-errorlevel
0
date
Sun, 04 Apr 2021 11:18:08 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=0ad51a2a-2751-42b8-a521-d54ba8a305a6
cache-control
no-cache
server-processing-duration-in-ticks
1720
content-type
text/html; charset=utf-8
content-length
222
expires
Sun, 04 Apr 2021 00:00:00 GMT
3.gif
id5-sync.com/c/464/108/5/ Frame CF6C
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F6%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/6/2.gif?puid=9a3b616c-7eae-42ce-8cf0-94f4550dfb25&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/5/3.gif?puid=76d320e1-9537-11eb-a82a-a26ace9e5db4&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/108/5/3.gif?puid=76d320e1-9537-11eb-a82a-a26ace9e5db4&gdpr=1&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.46 , France, ASN16276 (OVH, FR),
Reverse DNS
p01.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:19 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

date
Sun, 04 Apr 2021 11:18:21 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://id5-sync.com/c/464/108/5/3.gif?puid=76d320e1-9537-11eb-a82a-a26ace9e5db4&gdpr=1&gdpr_consent=
alt-svc
clear
content-length
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame CF6C
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=-YMqrMm6CFmoUtzlcqBpYA
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=-YMqrMm6CFmoUtzlcqBpYA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.222:10213
date
Sun, 04 Apr 2021 11:18:10 GMT
server
nginx
x-fastly-to-nlb-rtt
6998

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=-YMqrMm6CFmoUtzlcqBpYA
date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame CF6C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:17:35 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
cds.taboola.com/ Frame CF6C 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=cbbe62aa-abb7-4a1b-b6a7-a42a589a01d2-tuct76325ed&_r=6543735
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 04 Apr 2021 11:18:13 GMT
Cache-Control
no-store
Server
nginx
Connection
close
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame CF6C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=xS3GKOc0RPxKMeZ6DPJbwFJmE4g&user_group=1&ssp=taboola&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=xS3GKOc0RPxKMeZ6DPJbwFJmE4g&user_group=1&ssp=taboola&gdpr=0
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d28f40a2-3ebd-4316-9eb4-28c345b71494
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d28f40a2-3ebd-4316-9eb4-28c345b71494
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Sun, 04 Apr 2021 11:18:14 GMT
server
nginx
x-fastly-to-nlb-rtt
6618

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=d28f40a2-3ebd-4316-9eb4-28c345b71494
date
Sun, 04 Apr 2021 11:18:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5A15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutKf9KccTn7pst3XwnUQfVblqipdxkRYtfh3JG7iB5P9_kFgH5U50DjG8JX_DgBnYi0WAa2vivS5Sq_t_EDwkEvtnTXZG_jnu7ghCO8ixNZT6NjQS4KPCxCKLChsqmNCsCiImr7ePyzuee8HmdA8Tli9yQmhKGaphCGEaTiWD4gvdimQhSPU9b--aPccd65BsKBJ0vO_k5Ieqf4eY5iuEy0MvprDIXOTI_mNb6t-xWWmDiQ9OikM36eGFghI1Q8xrJFEiUnJ9W3D63CnpN64kUxr8jFZhJyuEXAP2_uFKZiX4dSLxOE2HE8Kl5rerZ9iUcJIOQN1YYkkAXvECTleZS&sai=AMfl-YRG-anT3-bHasQmFOXt8nSOqZ-vym1Ifmdsg6DL0NSCfIYea6xtaBOpM_lQeHqjAqyR0kLMtC24eNbfSoEqfzqdbukA2HICfDAfU_vVNiFyQOho-lrTeSuMQ1DF8nw&sig=Cg0ArKJSzJ6B-zfI2pkDEAE&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 5A15 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
8094203328658613728
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Apr 2021 11:07:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 5A15 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Apr 2021 11:18:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A15 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617218245166195"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36656
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:08 GMT
16002951972729146870
tpc.googlesyndication.com/simgad/ Frame 5A15 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16002951972729146870
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e7c46dbf85b911665745279eaa228d38479f4a6c381082010e79e1f5b81d2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:43 GMT
x-content-type-options
nosniff
age
177265
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115069
x-xss-protection
0
last-modified
Sat, 26 Dec 2020 14:22:57 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 10:03:43 GMT
DOUBLE-MPU-1.jpg
i.dailymail.co.uk/i/pix/2016/03/23/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2016/03/23/DOUBLE-MPU-1.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.desktop.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
981793c8e58a9ebc2fa825db3f2e1de282a682d2158238d497cca1af74844116

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
last-modified
Tue, 24 Apr 2018 08:44:48 GMT
server
Apache
etag
"80b954e5f874a18861095c8c9da27bb0:1524559488"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
12558
expires
Tue, 04 May 2021 11:18:10 GMT
80882725-fdd4-4268-8547-1c71b33cff69.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/ Frame 0294 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/80882725-fdd4-4268-8547-1c71b33cff69.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e3319b4083e3677f749899da353a9ba29bb56baf064eb5126dda438d32b347f9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 04 Apr 2021 11:18:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
937043
edge-cache-tag
352089440218326332410027525645372019751,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/80882725-fdd4-4268-8547-1c71b33cff69.jpg
content-length
33170
x-request-id
a404016013f12fc73df2855be8e1fb06
x-backend-name
fastlyshield--shield_cache_dca17755_DCA
last-modified
Wed, 24 Mar 2021 14:22:53 GMT
server
cloudinary
x-timer
S1617535088.125101,VS0,VE0
etag
"af30073d291beaf0e9d7f4b61fc3bcd9"
x-served-by
cache-dca17741-DCA, cache-dca17755-DCA, cache-fra19121-FRA
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=4&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535088126&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.dailymail.co.uk&sn=&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=432&he=244&test=&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=5fabf6ba51757f2075197397&e=inventory&vi=88&cb=1617535088183
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 5A15 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83466f2f78ebf105c76595f846c8f05b80f57e95ad6948d62d65bdd1fb8ff502

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 65E0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 04 Apr 2021 11:18:08 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?cou=BE&AV_PAGE_LOAD_UID=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_CDIM4=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=5fabf6ba51757f2075197397&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.dailymail.co.uk&AV_DADPOS=1&v=6.1.1.243&responsive=1&avtoken=88183&AV_WIDTH=432&AV_HEIGHT=244&cb=1617535088246
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.77.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f9ff3cbc1e18c6477f12b990a1d7e9b1dc734a445fdae3f64318193b7203e0e9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Mar 2021 21:31:28 GMT
3690992069012277969
tpc.googlesyndication.com/daca_images/simgad/ Frame 65E0 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3690992069012277969
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06b867a218a1e78ca8f45eabd695546cb53e3e2a560f25075cdcbefe95b338ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 18:44:11 GMT
x-content-type-options
nosniff
age
146037
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107544
x-xss-protection
0
last-modified
Tue, 16 Mar 2021 14:30:03 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 18:44:11 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 65E0 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74474
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 65E0 		295 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46863
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5A15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP_pIx46zP6xiHh6gxwwbDPQ0lpG_dprhjMR1YNFabFjcVHQ3T8fjS6TFutxZXMc3UEsfm4xF7w5Syt_gScBXk8E-1eA9kVE8FmaVRxR6fNX__LCOJNF8uzKlH_0iTx3Aot7k3Z125jZSdLCtNZghmq83rML9fTqy8cfugbvuE8Im436mysffg_MgvCwWiQo2UaLetooajGpHq7WAMmX8Z2aHE8sIXryY4C6Sv-IenovvabFPaPttg3I0TDtlN-UzwXlleEGmV5N6S6lwADZ-fRVD6GOiT6YDIR9VeKlNJ2yF_okQvPA707QHSkBaCqiXxs8WI8-N1F-IHXIVi90Elt5M&sai=AMfl-YQ19z2WEagAzdkmNFOrPauDNxhW1ZepQam7IB_J5EmwnPFYl2_UPhHrDfoFh0zi3g1HfoktSe_sCljxoT7GnkCrnxGFtdZKwsXCU7efaOHy8Abj2eHtVo1taloO-Zw&sig=Cg0ArKJSzIwJwIcMMCd7EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 04 Apr 2021 11:18:08 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame F134 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190063
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:25 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F134 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190052
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:30:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F134 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190128
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F134 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190128
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F134 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
190128
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 06:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 06:29:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F134 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
74474
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 04 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F134 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 03 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
46863
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 04 Apr 2021 22:17:05 GMT
truncated
/ Frame F134 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27da2423b49bb99641a10b7f642b6d1386e41d1d9540108fe21f85b62d8bf735

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
13152031942796134701
tpc.googlesyndication.com/simgad/ Frame F134 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13152031942796134701?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmwAeBrA7xRW1YGb3_62Rd-SgNMqA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4fc42994e6511f7542d3408159c406dbd35000c465ce98287db279d8792a30b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 21:33:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 15:04:44 GMT
server
sffe
age
222285
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19974
x-xss-protection
0
expires
Fri, 01 Apr 2022 21:33:23 GMT
l
www.google.com/ads/measurement/ Frame F134 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS208UhEwkI_A3f48t1fd2DhS3YdJf6bM4bIhjjW3VWByavuJPinm_Lvq3hwn2Cz5zu6Kz0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F134 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CENEkb6BpYPmpO9mC7gPeyavYDZDDtIpi5_CZ0LIN8ofwhp4cEAEgrNm4ImC5-MeA3AGgAYaq1MwDyAEC4AIAqAMByAMIqgSpAk_QfU0RTw7cPhJ2ikxOIa_XjCM5Lear1WAE-HNGjLePTm_yXKRGhxrJiAKsDfw284sLAzqP5TfpsjnPRR_kiiby-ODobNnd6tanmaUUzFTnvTLG8_Wbm3hlZFHoCmAPW7g5TZPxSNBZtuDEK8hb_IYoNhOkPByeSTyQ2ohemUh2GyZZ89IpRTxjYY9GkdMY6RYoD4XUq1gdB3YPceERL0jaTvjVBFnqrb15WQzRqhZcvfz_cA2Hsox0jieiH0KB9evak95JfjvvqRRCl8poBmX8cdfZAZbZOLOX1Gi4hq03KeTKqcS6UfUBHclmuJ6pS7rXZSkQRx77WkNDrYqOgcL16TWsmJQBaHMonSartzERdMt3gUwake4P2qXdt971RJ6kK9JzThf0BcAEppykw7UD4AQBkgUECAQYAZIFBAgFGASgBgKAB9fSz2eoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQsssM0ggJCIDhgFAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTQxODA4MzU2OTQxNjYyNTU&sigh=-u7LP0BnJeY&tpd=AGWhJmsM4WInUbiVzVbxdTnUA1JeTz0X7Sc96awhCc3detcEww
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ Frame 7456 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ac1dcb1064d8b31b7fab840999b7ea92581887d54e605b51f6bcf8d8d162497d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Status
200 OK
Connection
keep-alive
Content-Length
1077
X-Request-Id
d0c82b2ef726b6aa0c1a0cb4850f9c9c
X-Served-By
cache-wdc5543-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:45 GMT
Server
cloudinary
X-Timer
S1617530226.393853,VS0,VE38490
ETag
"0c0dbb77a904b95733a667daa8912955"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552794
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=5&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535088327&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F134
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 04 Apr 2021 11:18:08 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1617530224/ Frame 7456 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
44633ed4eb5ded912809e94bfce297e2a99b6f4047d473c9b216e5c1bbc82ac2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Last-Modified
Sun, 04 Apr 2021 09:57:10 GMT
Server
cloudinary
X-Timer
S1617530265.033346,VS0,VE29
ETag
"5af9747d7b82276bb30e88671433ce91"
X-Served-By
cache-wdc5539-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552854
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1216
X-Cache-Hits
1
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1617530224/ Frame 7456 		26 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
771fe9a11de7f4c7a3f476227ddf69271312103e574f03faf8ae440869ca961d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-27071

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Range
bytes 0-27071/543884
Connection
keep-alive
Content-Length
27072
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:10 GMT
Server
cloudinary
X-Timer
S1617530265.197224,VS0,VE1
ETag
"5f01d72da47c0915cf75a8c26616ad7f"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552735
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
b1da5244-0d3c-427d-8c1f-85a4b887e0db
https://www.dailymail.co.uk/ Frame 7456 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/b1da5244-0d3c-427d-8c1f-85a4b887e0db
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
sa
ted.dailymail.co.uk/s/ 		65 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1b7347be748b15ded4400f4bcb2bbfd25772f5c3dd05eb78abfdab8d34cd1a1f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sun, 04 Apr 2021 11:18:08 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-a4-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		65 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
289f1a0c0a0b14b67010f80452ec675389621fd84469c93a0200def90a903704

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sun, 04 Apr 2021 11:18:08 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-c2-fe.rdg.mol.dmgt.net:8180
activeview
pagead2.googlesyndication.com/pcs/ Frame 3400 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxBHNCZZqvV1YbjQunX4wgMAGI-yy-ojq1T1wdIw58aiU_B700KiKan-3yRISp-TG2-fxINLZnCLJ_94WnDk3wCwDlBrPa_3Z-eaHhB2Cj014S8PeAUKid5P7vcA&sai=AMfl-YTuY8h7pVDjKHzVSLoRSlC6n_SHwV6YTLnDLIar7J9NxvPYoG0eoeegybt_YWpfNyQVMrzSPUOwi3ddhEG9pfY8YkExeOo_VKcgv9WdDgoYVnovFYSxeQbpuAsp3Q8&sig=Cg0ArKJSzCWOjUA13-GCEAE&cid=CAASPeRogU0s_0JQESQzaeCimxmGpTAnvXs93kp6voOmHBrYtyp2p6LFbhXSsrRRsBJLyJB1l31lCHJhaZTTieg&id=ampim&o=315,197&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=308&tls=1309&g=99.69072341918945&h=99.69072341918945&tt=1309&r=v&avms=ampa&adk=1253008134
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=6&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535088488&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
35c6535802e0856df320a0206ccd5dae30a2c5b25f36bafc4402c30db53bb0da

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.324133,VS0,VE24
ETag
"f09d61a92347b67038aace77aad6d5f4"
X-Served-By
cache-wdc5539-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552776
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1226
X-Cache-Hits
0
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		49 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c1b1d353b9e6911b4b006e87d2b889413070b6837a3433445401e2c27d20316b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-50195

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Range
bytes 0-50195/1336680
Connection
keep-alive
Content-Length
50196
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
usync.html
eus.rubiconproject.com/ Frame 707F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
avpb3.js
player.aniview.com/script/6.1/ Frame B3C2 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9d57f50fd3260899ab36ce3d61ded63f87dcb0579353baa49e786c93c640cc6c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwTK37ekyA5V-yYheQSG99uLJtuaQ5j6SlUeqJO8W1H-i6i0sSt7mc1mNiweggc5oEvB2VTK_hOtqpUsdqwbRPRrFBOQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
85282
last-modified
Tue, 16 Mar 2021 07:29:55 GMT
server
UploadServer
etag
"59970b9104656633e132e6f6b2d57415"
vary
Accept-Encoding
x-goog-hash
crc32c=ehkP2A==, md5=WZcLkQRlZjPhMub2stV0FQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1615879795278687
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
85282
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Apr 2021 11:23:08 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244&nid=56ea678d181f46c76f8b45fb&ncid=5fabf6ba51757f2075197397&e=request&cb=1617535088589&asid=5fcf6f07363e2a459c6cf641%2C5ff1826de52e2f2dd148e0f4&ofpr=3%2C3.5&fpo=%2C
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:08 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=efd380ec-f0de-4643-8ef3-8755f64ff708&nocache=1617535088632&schain=1.0%2C1!playbuzz.com%2C0012000001ONGj5AAH%2C1%2C33132a30bcb24524523dea0ecb706bdf_1723150101%2CDMG%20Media%20Group%2Cdailymail.co.uk&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A432%2C%22h%22%3A244%7D%7D%5D%2C%22w%22%3A432%2C%22v%22%3A244%7D&auid=543835039&vwd=432&vht=244
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BDF2 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F175840252%2FMMPlus%2FDailyMail%2Fdailymail.co.uk%2FVideo&sz=400x300%7C640x480%7C480x270%7C640x360&ciu_szs&cust_params=playersize%3Dlarge%26mm_midroll%3D1&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vad_type=linear&vpos=preroll&pod=1&ppos=7&lip=true&min_ad_duration=0&max_ad_duration=31000&vrid=1220307&adk=4198222906&correlator=3485632668830773&dt=1617535088655&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&osd=2&scor=2257703427292300&sdk_apis=2%2C8&us_privacy&vis=1&u_so=l&eid=418572006&hl=en&frm=0&cmsid=2555788&sdki=44d&sdkv=h.3.448.1&sdr=1&video_doc_id=01f2e8x5gvhgrbdarr&vpmute=1&kfa=0&tfcd=0&ctv=0&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&cookie=ID%3D6bb8c0e728e8d1f0-22a35e5dfcba006e%3AT%3D1617535085%3AS%3DALNI_Ma8BASAGmJR4O6sEgYI5BnE24BfHQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		177 KB
178 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
b24dcfa6fd675823a4ef30dc6f26788e36bd822a1e49bf00ae59da8a4d8cf23e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=50196-231427

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Range
bytes 50196-231427/1336680
Connection
keep-alive
Content-Length
181232
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
truncated
/ Frame 7456 		554 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ Frame 7456 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.142.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 707F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a196984036a07f8eed2207ae1b7cd4bab6e6643d2d6e56c78d3f3f2033f1f71b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84311
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Mon, 05 Apr 2021 10:43:19 GMT
bulk
trc.taboola.com/dailymail-dfpads/log/3/ Frame 0294 		0
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-dfpads/log/3/bulk?route=AM%3AIL%3AV&lti=lr_fpp_var1&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-15_b5-PR-34853-DEV-85182-lazy-rendering-support-fpp-configs-a38ca17f029-SNAPSHOT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535089.770116,VS0,VE67
x-served-by
cache-fra19121-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		114 KB
114 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ef05a772e3286f5b398fcf5ceeba8037bfda7346bc2b578e5b12c01e255ae0bb

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=231428-347987

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Range
bytes 231428-347987/1336680
Connection
keep-alive
Content-Length
116560
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
khaos.jpg
token.rubiconproject.com/ Frame 707F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
activeview
pagead2.googlesyndication.com/pcs/ Frame 5ADA 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrfqCwRQ1sXEbzKxUKaeMOBzxTTnEf6xEYnWIT6CeOBGDovsArdNcUHv04klgXaEYdOiEDUW7jsKBWv1vqrQUsbrNqkfvyEwUZgYKuHbdd7yz6rHn78idKmiYRSQ&sai=AMfl-YSpTnAwdhhGh6D6djhCsSh8gJCbk4eOQGBmi-INTi63AsBx99pU9nF4KFu5XWkYmx6nR0kQ4DyrRUdoasi1Cflf9iaX9BmxU0h06lNBSI7kzYPah1eaz3w-3Kvbkgg&sig=Cg0ArKJSzGAQ-DhYX3ELEAE&cid=CAASPeRo8UgxfH7sfXxxRed53gKAOSDdSPnmiGhOSdiblZeDvwgLwUaRsDObINlPTHdaJrTPioes0sF9zBi_qMc&id=ampim&o=978,513&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=218&tls=1227&g=100&h=100&tt=1227&r=v&avms=ampa&adk=4003873380
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
01f2e8x5gvhgrbdarr.mpd
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr.mpd
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dfc2edb71d2b3576735588a2d5fe718c818adb93a20ddcbce3e470cbd372e52e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3ONBD2B.w1dtI2jETKWuB9ytMzGANkka
content-encoding
gzip
etag
W/"f897a6240d5a591f9516df86d2851e8a"
x-amz-cf-pop
JFK51-C1
akamai-mon-iucid-del
854168
vary
Accept-Encoding
x-amz-request-id
Q5RNZBXN8ZP1N4HS
x-amz-id-2
+rqFbKihjSbtBBTVsN8oPPC7ayZtdyEqMksvHt6Miv/VZlXsrZ066cAz46VRtc57vDNKA3xnanA=
last-modified
Sun, 04 Apr 2021 11:05:48 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/dash+xml
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
content-length
739
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
mtTagpkBq2iUOUv-BmGgavxRMh3XrSxU1Fb_PrjjirvkG8KEDZ0ItA==
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		158 KB
159 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
11afb41e206dd6ec196ba00e38057ec164bebfd5f7b7618da7591581368f3cc8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=347988-510043

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Range
bytes 347988-510043/1336680
Connection
keep-alive
Content-Length
162056
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552742
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
/
crta.dailymail.co.uk/ 		8 B
574 B 		Other
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:13 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sun, 04 Apr 2021 11:18:13 GMT
01f2e8x5gvhgrbdarr_audioinit.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		638 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audioinit.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fefeb597a52e8ae32f01920181c4d49b0d95911e60c3d923ea9318c254c76d0d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tB32JD_BuXbKLN9Ax0956EZ9DQiFfy.b
etag
"922361f517433dd2a67e7f120e01b30d"
x-amz-request-id
MNW3S4BX196HMPVJ
akamai-mon-iucid-del
854168
content-length
638
x-amz-id-2
o9ZV5VBJuRZlY8SaplvnJSie7GU/c2WmtxV4CrZ87LWNKxaVWOy0PcQ4GYI5bzSHu665Cq9CeMs=
last-modified
Sun, 04 Apr 2021 11:05:48 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
IAD89-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
PxISU2dM4bZPc3DFonF4RZCconI1nFFTs1jEYzYH9FOas9YHPZ_Nkg==
01f2e8x5gvhgrbdarr_audio_000000001.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		66 KB
67 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000001.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9d1d5c2e2cdf38c7149da592cea1a93063adb9ae11fbe311ce573034616cc021

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rvWFJHf1cTQFxXe8uD1WKfvZRXrJ04oz
etag
"93ca0d1e3ce5e7aa38e913cb186a33ab"
x-amz-request-id
MNW5F75XQ6NN75DC
akamai-mon-iucid-del
854168
content-length
67754
x-amz-id-2
2JFLQ+M2fmTs69MAqMc55uOISH1Bg/NNyqUyf6Dvd+AWtmIK013wHcA3qmgUhTtBCfbBV+h/gPk=
last-modified
Sun, 04 Apr 2021 11:05:33 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
MIA3-C4
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
0fPuBjoJJsb2oFE94beyIFElyrKQYNfVsG6pevJnLHMXUYkbslOYhg==
01f2e8x5gvhgrbdarr_406pinit.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		732 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406pinit.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
42a2b558fbd52d501c1145ae5b3c71f5b94d104e8d7836e7b31cdef8fef42795

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gtAXTsggTtLK_WwIaoCq.nTIDL17QZTM
etag
"88d219fe72610eab4d581575832514f2"
x-amz-request-id
MNWBECMMVDBF8ZX7
akamai-mon-iucid-del
854168
content-length
732
x-amz-id-2
zTrYQSGc/IFpkVdIIoI9tV7AB1mmpyVYMOFbsbbL6kNYjmsCtwIVu3uReJq/LSuhmONV9P7qaxE=
last-modified
Sun, 04 Apr 2021 11:05:48 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
MIA3-C4
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
_k2YbjNadq5Ht_swMczYnAhRulDQbjsCgqffgL_6_tKvP2HZHEBKeg==
01f2e8x5gvhgrbdarr_406p_000000001.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		143 KB
144 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000001.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d00b29dfbdd07336eea458e5ad30818cd4258c298facb4702998aebd089577fb

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uRc1nVaZdR1oWZx3JbvzQ.H4gPhuKecU
etag
"d58e5c5127e91cca751d164cb823aecb"
x-amz-request-id
MNW9RD491HR5CCFN
akamai-mon-iucid-del
854168
content-length
146089
x-amz-id-2
6Ab1afoaWIb564x541wMI/xecQqHf+ZRMZCpM/pjas1VcT9+tW+PF8PNcHfstyL4z5nQdS4kbBw=
last-modified
Sun, 04 Apr 2021 11:05:33 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:08 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
ATL56-C1
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
lSOaKV2gXZBi1dtrZqKfF71KegHK7cSrqIkvZY_1SfOc8Ld8_KN-oQ==
rid
match.adsrvr.org/track/ 		108 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=a8r0pns&fmt=json
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
92e02a76c97c8243eac102e515943a3300c4014206ed2476419296fec46bcc4d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Apr 2021 11:18:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 04 May 2021 11:18:09 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 5C57 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
sync
eb2.3lift.com/ Frame 6863 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
91932887d85f4944ce6feb9351a5948c6d43ade45dbb79aa5f08ead188cc8c93

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=13044601691632947997
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQ2Prq5IkvCgoIkQIQ2Prq5IkvCgoI4gEQ2Prq5IkvCgoIkgIQ2Prq5IkvCgoI5gEQ2Prq5IkvCgoIhwIQ2Prq5IkvCgkIOhDY-urkiS8KCQgLENj66uSJLwoJCF8Q2Prq5IkvCgkIHxDY-urkiS8=; Max-Age=7776000; Expires=Sat, 03 Jul 2021 11:18:10 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=13044601691632947997; Max-Age=7776000; Expires=Sat, 03 Jul 2021 11:18:10 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 02C2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4067890039530243391
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 05 Apr 2021 11:18:12 GMT
Date
Sun, 04 Apr 2021 11:18:10 GMT
Connection
keep-alive
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 14E7 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd18ae6f7ea4795c20b8a77996dd0d4bb160d340e8cb85aec774a3af11295b2e

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA; CMPS=1132; CMPRO=1177; CMST=YGmgbmBpoG8A; CMRUM3=276069a06e0b40&986069a06f2760b6a146d5-da85-4cf4-8b6d-eebdeef1e630&f16069a06e05a00&286069a06e05a00&e66069a06e27600&2d6069a06e2760CAESELG0ioR9-SVjXNpzsvgHH9w&036069a06e05a0&b06069a06e05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|88|4|188|8|31|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1471
Expires
Sun, 04 Apr 2021 11:18:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Set-Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:08 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:08 GMT CMPRO=1177;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:08 GMT CMST=YGmgbmBpoHAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 05 Apr 2021 11:18:08 GMT CMRUM3=276069a06e0b40&2d6069a06e2760CAESELG0ioR9-SVjXNpzsvgHH9w&036069a06e05a0&bc6069a07005a00&496069a07005a00&986069a06f2760b6a146d5-da85-4cf4-8b6d-eebdeef1e630&586069a07005a0&086069a07005a00&f16069a06e05a00&e66069a06e27600&046069a07005a0&286069a06e05a00&1f6069a07005a00&2e6069a07005a0&c46069a07005a0&b06069a06e05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:08 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F126 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4067890039530243391
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 05 Apr 2021 11:18:12 GMT
Date
Sun, 04 Apr 2021 11:18:10 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 431E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 800A 		668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
3a962caddba7c7a696505c99c92f4097a26c8daac24ac3a964233f2e65f20dd2

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0c92a29f-5391-4b15-873b-cf2bf278513b|1617535085
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0c92a29f-5391-4b15-873b-cf2bf278513b|1617535085; Version=1; Expires=Mon, 04-Apr-2022 11:18:08 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1617535088|gekin0vNiygu; Version=1; Expires=Mon, 19-Apr-2021 11:18:08 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 04 Apr 2021 11:18:08 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame A62C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 04 Apr 2021 11:18:09 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9046 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=64246
Expires
Mon, 05 Apr 2021 05:08:57 GMT
Date
Sun, 04 Apr 2021 11:18:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 76AE 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=amno56p1617535084669
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.141.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-141-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
47a7925807b2cc60acb03f39881a4fe0b4973e34619325d9ff10227cfa0a5859

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=amno56p1617535084669
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

date
Sun, 04 Apr 2021 11:18:08 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
pd
eu-u.openx.net/w/1.0/ Frame D7EE 		668 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
3a962caddba7c7a696505c99c92f4097a26c8daac24ac3a964233f2e65f20dd2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0c92a29f-5391-4b15-873b-cf2bf278513b|1617535085
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0c92a29f-5391-4b15-873b-cf2bf278513b|1617535085; Version=1; Expires=Mon, 04-Apr-2022 11:18:08 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1617535088|gekin0vNiygu; Version=1; Expires=Mon, 19-Apr-2021 11:18:08 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 04 Apr 2021 11:18:08 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame 6C3D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
91932887d85f4944ce6feb9351a5948c6d43ade45dbb79aa5f08ead188cc8c93

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=13044601691632947997
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQ2Prq5IkvCgoIkQIQ2Prq5IkvCgoI4gEQ2Prq5IkvCgoIkgIQ2Prq5IkvCgoI5gEQ2Prq5IkvCgoIhwIQ2Prq5IkvCgkIOhDY-urkiS8KCQgLENj66uSJLwoJCF8Q2Prq5IkvCgkIHxDY-urkiS8=; Max-Age=7776000; Expires=Sat, 03 Jul 2021 11:18:10 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=13044601691632947997; Max-Age=7776000; Expires=Sat, 03 Jul 2021 11:18:10 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:10 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
i.gif
mfad.inskinad.com/udb/9874/sync/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=185638&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YGmgbnpO9fyfZTUURfDmcQAA%261177
43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YGmgbnpO9fyfZTUURfDmcQAA%261177
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.88.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-88-36.compute-1.amazonaws.com
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:11 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
undefined
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
43
x-served-by
engine-production-i-0719c158042df8d0a

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YGmgbnpO9fyfZTUURfDmcQAA%261177
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
284
Expires
Sun, 04 Apr 2021 11:18:10 GMT
m7y5t93k
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YGmgdAAAAHPM-xcV
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
age
1344
x-served-by
cache-fra19180-FRA
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1617535092.330807,VS0,VE0
content-length
85
x-cache-hits
4833

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1617535092.114770,VS0,VE186
x-served-by
cache-fra19180-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YGmgdAAAAHPM-xcV
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
match
e.serverbid.com/udb/9969/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fpool%2Fset%2Fi.gif%3FpoolId%3D9969%26poolKey%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:11 GMT
content-length
0
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP70ff95ae-9537-11eb-98cf-06a7f397d880
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3MGZmOTVhZS05NTM3LTExZWItOThjZi0wNmE3ZjM5N2Q4ODA%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESENepam8tZuIoZwMHWK4yYTs&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESENepam8tZuIoZwMHWK4yYTs&google_cver=1&apid=UP70ff95ae-9537-11eb-98cf-06a7f397d880
0
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESENepam8tZuIoZwMHWK4yYTs&google_cver=1&apid=UP70ff95ae-9537-11eb-98cf-06a7f397d880
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:11 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESENepam8tZuIoZwMHWK4yYTs&google_cver=1&apid=UP70ff95ae-9537-11eb-98cf-06a7f397d880
date
Sun, 04 Apr 2021 11:18:11 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuids
grid.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=e8d6a4bd-c823-4604-9ac6-45f486cde86b&google_hm=ZThkNmE0YmQtYzgyMy00NjA0LTlhYzYtNDVmNDg2Y2R...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAQzv57dqwH24KNKcuN8ONg&google_cver=1&ssp=themediagrid&bsw_param=e8d6a4bd-c823-4604-9ac6-45f486cde86b
  • https://grid.bidswitch.net/getuids?bsw_uid=e8d6a4bd-c823-4604-9ac6-45f486cde86b&ssp_custom_data=
0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid.bidswitch.net/getuids?bsw_uid=e8d6a4bd-c823-4604-9ac6-45f486cde86b&ssp_custom_data=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.206.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8

Redirect headers

location
//grid.bidswitch.net/getuids?bsw_uid=e8d6a4bd-c823-4604-9ac6-45f486cde86b&ssp_custom_data=
date
Sun, 04 Apr 2021 11:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7456 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhN0HEa_NIAyqnKat7iPUH5MeeKJlR5oc1cB7O1RSPwt8NPiHYaJbOOyKEgIhYT4qeWvKS8D5wse0nfp6NTsMUyXGc5u0AiKgrV1tsovQ&sig=Cg0ArKJSzDk5UX2AIdXMEAE&id=osdim&mcvt=1001&p=961,396,1231,876&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210331&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=19&adk=553692443&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1617535087589&dlt=0&rpt=120&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:08 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		122 KB
123 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e7be1e57f70cf27212b282c630eff6c47605f2c66a3f2d2cb46f8ac3ad7e8a51

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=510044-635439

Response headers

Date
Sun, 04 Apr 2021 11:18:09 GMT
Content-Range
bytes 510044-635439/1336680
Connection
keep-alive
Content-Length
125396
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552741
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
usync.js
eus.rubiconproject.com/ Frame 431E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a196984036a07f8eed2207ae1b7cd4bab6e6643d2d6e56c78d3f3f2033f1f71b

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84311
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Mon, 05 Apr 2021 10:43:19 GMT
sd
eu-u.openx.net/w/1.0/ Frame 800A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f9c6069-a071-4700-8c15-5e9b1dd3046d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f9c6069-a071-4700-8c15-5e9b1dd3046d
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
MT3 3628 75f709e master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2f9c6069-a071-4700-8c15-5e9b1dd3046d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Apr 2021 11:18:03 GMT
sd
us-u.openx.net/w/1.0/ Frame 800A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cqoycCWqM3lp_2Iocv4pfyb5Mnhp-DctIageCRiC
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cqoycCWqM3lp_2Iocv4pfyb5Mnhp-DctIageCRiC
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=cqoycCWqM3lp_2Iocv4pfyb5Mnhp-DctIageCRiC
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 800A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2474264956784336345
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2474264956784336345
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2474264956784336345
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 800A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=df3e9dc6-fa16-74e2-dded-07c3965f62c6&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 800A 		170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1MTRlMGMtMzM2MS0yYTQ2LWM4MGQtNWQ3YTVjYmRhY2E2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 800A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D7EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=73e26069-a071-4e00-aa35-5d3a5a2bacd1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=73e26069-a071-4e00-aa35-5d3a5a2bacd1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 04 Apr 2021 11:18:04 GMT
Server
MT3 3628 75f709e master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=73e26069-a071-4e00-aa35-5d3a5a2bacd1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Apr 2021 11:18:03 GMT
sd
us-u.openx.net/w/1.0/ Frame D7EE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=IL_bkHe_2pk76d2adenAz3fp1M877o-dJL-rbRqP
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=IL_bkHe_2pk76d2adenAz3fp1M877o-dJL-rbRqP
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=IL_bkHe_2pk76d2adenAz3fp1M877o-dJL-rbRqP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D7EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6913429739532060625
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6913429739532060625
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6913429739532060625
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame D7EE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=df3e9dc6-fa16-74e2-dded-07c3965f62c6&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D7EE 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjM1MTRlMGMtMzM2MS0yYTQ2LWM4MGQtNWQ3YTVjYmRhY2E2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D7EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL0y8duO8-Bo9PtPJ0mtxkw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 14E7 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 14E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 14E7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YGmgdAAAAEiH5kpZ
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGmgdAAAAEiH5kpZ&gdpr=1&_test=YGmgdAAAAEiH5kpZ
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGmgdAAAAEiH5kpZ&gdpr=1&_test=YGmgdAAAAEiH5kpZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:12 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617535092.331005,VS0,VE0
x-served-by
cache-fra19180-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGmgdAAAAEiH5kpZ&gdpr=1&_test=YGmgdAAAAEiH5kpZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 14E7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3391684226002723786
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3391684226002723786
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:09 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3391684226002723786
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame 14E7 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.11.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 14E7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=36d5c3e1-5731-4abf-aaa7-4e1b2cab5012&expiration=1649071092
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=36d5c3e1-5731-4abf-aaa7-4e1b2cab5012&expiration=1649071092
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:12 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=36d5c3e1-5731-4abf-aaa7-4e1b2cab5012&expiration=1649071092
date
Sun, 04 Apr 2021 11:18:12 GMT
server
Kestrel
content-length
0
noop
px.owneriq.net/ Frame 14E7
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6708214942078933608&uid=Q6708214942078933608&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
us.php
gu.dyntrk.com/adx/ie/ Frame 14E7 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 14E7 		43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YGmgbnpO9fyfZTUURfDmcQAA%261177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.88.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-88-36.compute-1.amazonaws.com
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
undefined
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
43
x-served-by
engine-production-i-070f7c1f8d3772eff
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame D0DA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
acdb4b1e4aeaa24e8fb6b46e41a832000ccfb859c1d93dc3859a7d07ab09463a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA; CMPS=1132; CMPRO=1177; CMST=YGmgbmBpoHAA; CMRUM3=276069a06e0b40&2d6069a06e2760CAESELG0ioR9-SVjXNpzsvgHH9w&036069a06e05a0&bc6069a07005a00&496069a07005a00&986069a06f2760b6a146d5-da85-4cf4-8b6d-eebdeef1e630&586069a07005a0&086069a07005a00&f16069a06e05a00&e66069a06e27600&046069a07005a0&286069a06e05a00&1f6069a07005a00&2e6069a07005a0&c46069a07005a0&b06069a06e05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|130|65|111|13|39|218|123
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1558
Expires
Sun, 04 Apr 2021 11:18:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Connection
keep-alive
Set-Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:09 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:09 GMT CMPRO=1177;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:09 GMT CMRUM3=416069a07105a0&276069a0710b40&da6069a07127600&6f6069a07105a0&036069a06e05a0&2d6069a06e2760CAESELG0ioR9-SVjXNpzsvgHH9w&bc6069a07005a00&986069a06f2760b6a146d5-da85-4cf4-8b6d-eebdeef1e630&496069a07005a00&286069a06e05a00&046069a07005a0&e66069a06e27600&086069a07005a00&f16069a06e05a00&586069a07005a0&0d6069a07105a0&c46069a07005a0&2e6069a07005a0&7b6069a07105a00&1f6069a07005a00&ce6069a07105a00&826069a071a8c0&b06069a06e05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:09 GMT CMST=YGmgbmBpoHEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 05 Apr 2021 11:18:09 GMT
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:09 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		168 KB
169 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5d1196cde76ece95883b77dd9c7d2d0a7a863a2a476f1e44390e3a5682ef89f3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=635440-807835

Response headers

Date
Sun, 04 Apr 2021 11:18:09 GMT
Content-Range
bytes 635440-807835/1336680
Connection
keep-alive
Content-Length
172396
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552741
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
collect
www.google-analytics.com/ 		35 B
81 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...
43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=120000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535089056&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=3473&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=120000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535089056&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=3473&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 08F2 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a7dd2889e6c519d0f3cfbfbbc05dd4aa057ead85d54ca91b0c63fbf88fc5769

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA; CMPS=1132; CMPRO=1177; CMRUM3=416069a07105a0&276069a0710b40&da6069a07127600&6f6069a07105a0&036069a06e05a0&2d6069a06e2760CAESELG0ioR9-SVjXNpzsvgHH9w&bc6069a07005a00&986069a06f2760b6a146d5-da85-4cf4-8b6d-eebdeef1e630&496069a07005a00&286069a06e05a00&046069a07005a0&e66069a06e27600&086069a07005a00&f16069a06e05a00&586069a07005a0&0d6069a07105a0&c46069a07005a0&2e6069a07005a0&7b6069a07105a00&1f6069a07005a00&ce6069a07105a00&826069a071a8c0&b06069a06e05a00; CMST=YGmgbmBpoHEA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
90|81|64|41|130|196|57|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1271
Expires
Sun, 04 Apr 2021 11:18:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Connection
keep-alive
Set-Cookie
CMID=YGmgbnpO9fyfZTUURfDmcQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:09 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:09 GMT CMPRO=1177;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 03 Jul 2021 11:18:09 GMT CMST=YGmgbmBpoHEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 05 Apr 2021 11:18:09 GMT CMRUM3=516069a07105a0&496069a07005a00&986069a06f2760b6a146d5-da85-4cf4-8b6d-eebdeef1e630&396069a07105a0&286069a06e05a00&046069a07005a0&e66069a06e27600&086069a07005a00&586069a07005a0&f16069a06e05a00&7b6069a07105a00&1f6069a07005a00&ce6069a07105a00&2e6069a07005a0&c46069a07105a0&0d6069a07105a0&406069a07105a0&056069a07105a0&826069a071a8c0&5a6069a07105a0&b06069a06e05a00&296069a07105a00&276069a0710b40&da6069a07127600&416069a07105a0&6f6069a07105a0&036069a06e05a0&2d6069a06e2760CAESELG0ioR9-SVjXNpzsvgHH9w&bc6069a07005a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 04 Apr 2022 11:18:09 GMT
01f2e8x5gvhgrbdarr_406p_000000002.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		116 KB
117 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000002.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
30121d06bce080935da9264df11e5ee42995b4924839f9a8f026ef85aa895776

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eJrSRKUlKIqlYMr8YKT0XXmuf8Wf8xIg
etag
"df01ac6e77128498250af90716256cd4"
x-amz-request-id
ERC259QC3V37GJ4D
akamai-mon-iucid-del
854168
content-length
118751
x-amz-id-2
tnG6e1UncuIneMOZYJn3cSZ30cd99q3KGud2ksdQoLFxgalkmhR3Q9JW6dGa+9draGaBvZsCUn8=
last-modified
Sun, 04 Apr 2021 11:05:33 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:09 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
Mnm8K8006VVcRFStuqv5IFr_liHSm3Tnt8fDXKeewiLrrdSqXBFAlQ==
YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D0DA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
43 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YGmgbnpO9fyfZTUURfDmcQAABJkAAAAB
Connection
keep-alive
Content-Length
0
ie
match.prod.bidr.io/cookie-sync/ Frame D0DA 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame D0DA
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1617621489&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1617621489&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:09 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1617621489&gdpr=1
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
match
c1.adform.net/serving/cookie/ Frame D0DA 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame D0DA
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0612220427272207380a2fca&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0612220427272207380a2fca&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:10 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0612220427272207380a2fca&expiration=[EXPIRATION]&gdpr=1
Date
Sun, 04 Apr 2021 11:18:10 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
casale
match.adsrvr.org/track/cmf/ Frame D0DA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YGmgbnpO9fyfZTUURfDmcQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame D0DA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGmgbnpO9fyfZTUURfDmcQAA%261177
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YGmgbnpO9fyfZTUURfDmcQAA%261177
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YGmgbnpO9fyfZTUURfDmcQAA%261177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.59.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0b11aaafb.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
obi96hbRRes=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
lEa5KMqGTH4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YGmgbnpO9fyfZTUURfDmcQAA%261177
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D0DA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZKjjEn3MTaZh9NE3ONHf9VJmE4g
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZKjjEn3MTaZh9NE3ONHf9VJmE4g&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZKjjEn3MTaZh9NE3ONHf9VJmE4g&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:16 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ZKjjEn3MTaZh9NE3ONHf9VJmE4g&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
291
Expires
Sun, 04 Apr 2021 11:18:16 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame D0DA 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YGmgbnpO9fyfZTUURfDmcQAA%261177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:12 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=940
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:33:52 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 0294 		254 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
26407
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19121-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1617535089.134841,VS0,VE0
date
Sun, 04 Apr 2021 11:18:09 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
42
x-cache-hits
17049
crum
dsum-sec.casalemedia.com/ Frame 08F2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9749EB4B6EA34037A0335D9155655E87&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9749EB4B6EA34037A0335D9155655E87&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:11 GMT

Redirect headers

date
Sun, 04 Apr 2021 11:18:11 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9749EB4B6EA34037A0335D9155655E87&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 03 Apr 2021 11:18:11 GMT
rum
dsum-sec.casalemedia.com/ Frame 08F2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=E9meiETZn4EIj5iCRo-F10SPkdcIiMqFF9kxzo2E
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=E9meiETZn4EIj5iCRo-F10SPkdcIiMqFF9kxzo2E
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:09 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=E9meiETZn4EIj5iCRo-F10SPkdcIiMqFF9kxzo2E
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 08F2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1620127092
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1620127092
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:12 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1620127092
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 08F2 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:15 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 08F2 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame 08F2 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 08F2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739025642716504
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739025642716504&C=1
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739025642716504&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739025642716504&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Sun, 04 Apr 2021 11:18:18 GMT
ix
ad4m.at/ad/sim/ Frame 08F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 08F2 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YGmgbnpO9fyfZTUURfDmcQAA%261177
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:12 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=940
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:33:52 GMT
pd
u.openx.net/w/1.0/ Frame 3EE1 		498 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
a838acf609a93e659c81069a384000cdd7109135b397805a1aae918f29e82610

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0c92a29f-5391-4b15-873b-cf2bf278513b|1617535085; pd=v2|1617535088|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0c92a29f-5391-4b15-873b-cf2bf278513b|1617535085; Version=1; Expires=Mon, 04-Apr-2022 11:18:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1617535088.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Mon, 19-Apr-2021 11:18:09 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 04 Apr 2021 11:18:09 GMT
content-type
text/html
content-length
315
content-encoding
gzip
via
1.1 google
alt-svc
clear
sd
us-u.openx.net/w/1.0/ Frame 3EE1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3391684226002723786&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3391684226002723786&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3391684226002723786&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 3EE1
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=AGgX-lOQzcw7mUt0RUZYfA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
vutl4pkolj2vaf8riklarstshh5poi7e

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4bf9fb82-6aba-e6ab-ec3a-11366908af8f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 3EE1 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4bf9fb82-6aba-e6ab-ec3a-11366908af8f?gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3EE1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=1dxxHpTc1Lt0LL5
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=1dxxHpTc1Lt0LL5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=1dxxHpTc1Lt0LL5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=1dxxHpTc1Lt0LL5
date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 google
server
OXGW/16.205.50
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 3EE1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=27981e07-f501-445d-81fb-a68e0104dd72&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=e8d6a4bd-c823-4604-9ac6-45f486cde86b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e8d6a4bd-c823-4604-9ac6-45f486cde86b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=e8d6a4bd-c823-4604-9ac6-45f486cde86b
date
Sun, 04 Apr 2021 11:18:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 3EE1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDai1VN0EwMEVBQUNvVEVfYnp1Zw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
crta.dailymail.co.uk/ 		8 B
450 B 		Other
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sun, 04 Apr 2021 11:18:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 65E0 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB3w8Db0BSbgztSh-IB_fM5Ofk6KjVs6cDntK2F1fZpKozA_swO-maP5T3T_sY176m0kBZMHeSjSsPPKXwTBQq-yHHAP2ymTaA1fQL_Ho_DnF5OLc3ac9puVpzVQ&sai=AMfl-YSqp0mUC3cn6r6gZeYchP1gEXQ63P_eJoQeJT5i-0buFuhI-Qg7Ndi26uyiM1wOqD_QYJp1FOR8N2AIZpkx1jqx9b06XloF-Stpjz14ZkvrKCuelTKKW4Pa0AgOo9Xu&sig=Cg0ArKJSzDF8K59qDwZWEAE&cid=CAASPeRoGnCfzyN2VPnENbWERWgxal0xJvMCP8nJxbMUNsgE_OCzweCt15UgvwmpPyKfe9BQ_Zsbw9BbmvsrWGo&id=ampim&o=1297,20&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=224&tls=1224&g=100&h=100&tt=1224&r=v&avms=ampa&adk=552738603
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F134 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlDKi3YjR1gr_7Kg1YPAOeCfrDXz30qKslF-jKwD6QdKw-ISVCZHQcwvqtK-X8f1hG4Ild26McuksTIihbxLHlAXbJ4FWo8CUgQlEd81n0MgPPXZK2_MRAG4G_2g&sai=AMfl-YSd2WpsavZFvciCarRt-oflmO39YcE6cFT3pcgtDqjx8BZeaNNUSWcMFoj_BjqMJj6va49vGeKb6pm5AQWjaBNsd9Sm8hh08tAk_W1wKcNIltj6q98p89vrIMhxaAa7&sig=Cg0ArKJSzNKC27BuXVSbEAE&cid=CAASPeRoH4K6AiYkDJi5U75PRZWBCLPgsfyueUIWU-rXkiaaucA0wNJTLlTJ8faUhAjokk5sGApVPZG8WiVtv1Q&id=ampim&o=3,20&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=137&tls=1137&g=100&h=100&tt=1137&r=v&avms=ampa&adk=2607279429
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
sync.crwdcntrl.net/map/c=10924/tp=OOLA/ Frame 0294 		49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.1
content-type
image/gif
content-length
49
expires
0
35702
tags.bluekai.com/site/ Frame 0294 		62 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-152-128.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:14 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
b469
Content-Type
image/gif
mw
mwzeom.zeotap.com/ Frame 0294 		95 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1367&env=mWeb&cid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&gdpr=$0&gdpr_consent=$
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:12 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cf-ray
63aa22774e1d05cc-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
093e33de8a000005cca1036000000001
sync
odr.mookie1.com/t/v2/ Frame 0294 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_866925&src.visitorId=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
trc.taboola.com/sg/neustar/1/ Frame 0294
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
  • https://d.agkn.com/pixel/10751/?che=1617535092&ip=82.102.19.136&l1=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fneustar%2F1%2Fcm%3Ftaboola_hm%3D164880203746000508866
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164880203746000508866
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164880203746000508866
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1617535093.648227,VS0,VE67
x-served-by
cache-fra19121-FRA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:12 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164880203746000508866
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
5a2209a58dfe4f2dbf40b1b4ea7f15d9
i.liadm.com/s/e/64716/0/ Frame 0294
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_li_chk=true&previous_uuid=0621956e156b431db1b9ea45ce302f03
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&previous_uuid=4ce2fac47df3482096499107d8930f77
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2F5a2209a58dfe4f2dbf40b1b4ea7f15d9%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&0621956e-156b-431d-b1b9-ea45...
  • https://i.liadm.com/s/e/64716/0/5a2209a58dfe4f2dbf40b1b4ea7f15d9?mpid=7156&muid=558a6069-a075-4100-b54e-e6d81ed65afe
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/64716/0/5a2209a58dfe4f2dbf40b1b4ea7f15d9?mpid=7156&muid=558a6069-a075-4100-b54e-e6d81ed65afe
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.155.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:15 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
MT3 3628 75f709e master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/64716/0/5a2209a58dfe4f2dbf40b1b4ea7f15d9?mpid=7156&muid=558a6069-a075-4100-b54e-e6d81ed65afe
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Apr 2021 11:18:08 GMT
csync.ashx
ml314.com/ Frame 0294
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&gdpr=0&gdpr_consent=&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3617803610787151939
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxNzgwMzYxMDc4NzE1MTkzORAAGg0I9cCmgwYSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=14f62bcf98eac6b29cf038896e6b9c20d86e1fd23ab7717be5f0cfd5880a6cb6f4cb09cee1a4f8eb&person_id=3617803610787151939&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=14f62bcf98eac6b29cf038896e6b9c20d86e1fd23ab7717be5f0cfd5880a6cb6f4cb09cee1a4f8eb&person_id=3617803610787151939&eid=50082
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:13 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Mon, 05 Apr 2021 07:18:13 GMT

Redirect headers

date
Sun, 04 Apr 2021 11:18:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=14f62bcf98eac6b29cf038896e6b9c20d86e1fd23ab7717be5f0cfd5880a6cb6f4cb09cee1a4f8eb&person_id=3617803610787151939&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
mw
mwzeom.zeotap.com/ Frame 0294 		95 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=1c40386736158fe7b68cb5fa29967e9fa431b970bb2e78825846a5efaa82a464&gdpr=$0&gdpr_consent=$
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
cf-ray
63aa227e496205cc-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
093e33e2f0000005ccaf2e6000000001
sync
ups.analytics.yahoo.com/ups/55973/ Frame 0294
Redirect Chain
  • https://pixel.advertising.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1
  • https://pixel.advertising.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&apid=UP721f848b-9537-11eb-98cf-06a7f397d880
  • https://ups.analytics.yahoo.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&apid=UP721f848b-9537-11eb-98cf-06a7f397d880&verify=true
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&apid=UP721f848b-9537-11eb-98cf-06a7f397d880&verify=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:13 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Sun, 04 Apr 2021 11:18:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55973/sync?uid=d57541ee-4fae-4f63-a043-16c501b53767-tuct76325ef&_origin=1&apid=UP721f848b-9537-11eb-98cf-06a7f397d880&verify=true
Connection
keep-alive
Content-Length
0
01f2e8x5gvhgrbdarr_audio_000000002.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000002.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
802971016cffe880fc38390c57c9e92dd4a59f87f218fcb38cf3410e0042dd46

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JbM3msFp8Xf.V608qJOXzeW02zUrtPJD
etag
"8aafadd2a2485a8e13010a5e8b087313"
x-amz-request-id
ERC96EQXVY6D954R
akamai-mon-iucid-del
854168
content-length
66483
x-amz-id-2
N6nD1Z4UBUfVZK7x+RX+sMo7NCM3np7uuUgp82GIuWDgB7teAeglukNMQwhFT5xoeXZTX2HyUHc=
last-modified
Sun, 04 Apr 2021 11:05:33 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:09 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
IAD89-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
a6kSMi5sT-H9rq5NPdJTp6wtkbjQzUfxYo8TJfHQZhXBC9GKmvkr6g==
01f2e8x5gvhgrbdarr_audio_000000003.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000003.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4162681be99cd8f60c37c41185003a84168962b652827cd9bf0a45001e8d641

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wPdM36gpREoCg9nKb6NFIqxmOwgbseen
etag
"3a3a541ae779b3b907c2ebe55ceb5c9e"
x-amz-request-id
4WATD44JF8PE3SZ1
akamai-mon-iucid-del
854168
content-length
66661
x-amz-id-2
mCcdR+IhqcG7qFlxXZ3nR1GIhlUAK7p5VpiAh6o6arCR7IZmzekoaKBhVHEkVlV5de1TIEPx1gc=
last-modified
Sun, 04 Apr 2021 11:05:34 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:10 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
mf6FWEfcZYs8pogbrCERkbroM_QrL5L6BQ--SZydcq9-weLmoq0uuw==
generic
match.adsrvr.org/track/cmf/ Frame 6863 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 6863
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6863
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 6863 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13044601691632947997&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 5CC2911CECF8463E9E1FBB9A85E036BE Ref B: FRAEDGE1518 Ref C: 2021-04-04T11:18:10Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 6863
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13044601691632947997?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 04 Apr 2021 11:18:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6863
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:11 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.252:80
AN-X-Request-Uuid
0da286de-e0e3-44d9-b137-b1a08e00bf4e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 6863
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13044601691632947997
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:10 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6863
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame 6863 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=13044601691632947997
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 6863 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=13044601691632947997
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 6C3D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 6C3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL5tnG4JD0dd8S6_Dv0he5M&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C3D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTMwNDQ2MDE2OTE2MzI5NDc5OTc%3D
date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 6C3D 		42 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13044601691632947997&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:09 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 0FCB3E3AB8A94F098AA803A767874D5B Ref B: FRAEDGE1518 Ref C: 2021-04-04T11:18:10Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 6C3D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13044601691632947997?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 04 Apr 2021 11:18:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-zv_0djVE2oSNSWhg0urWlJ7yMGA9k0S0iXiVh0HcXQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6C3D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:11 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid
71b9d98a-c339-46fb-8670-8c8a43a0d630
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4067890039530243391&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 6C3D
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13044601691632947997
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:10 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13044601691632947997&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6C3D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.85.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-85-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame 6C3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=13044601691632947997
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 6C3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=13044601691632947997
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 02C2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:13 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.151:80
AN-X-Request-Uuid
804bc4ef-1872-4e26-b8e1-413c6d85b04d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
prd-collector-anon.ex.co/main/ Frame 7456 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.142.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:10 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ Frame 7456 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1617535090079&cid=5fabf6ba51757f2075197397&cou=BE&AV_PAGE_LOAD_UID=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_CDIM4=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
async_usersync
ib.adnxs.com/ Frame F126 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:13 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid
6ca06dd9-cd25-4938-82cf-39c533a074c3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
01f2e8x5gvhgrbdarr_406p_000000003.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		163 KB
164 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000003.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c3b227b6f2eb22db6934f3c293c2c9290822090ba9ca7fd011991f243b4cd074

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zmGOZwblpDojEReeksgXC65Loe_hhgV4
etag
"fb5380aa87ef83c834becaa71be17c7c"
x-amz-request-id
4WAHZCNTMV2KX6D3
akamai-mon-iucid-del
854168
content-length
166470
x-amz-id-2
o+MDaUF7et35jC3vxn7pnyOpYzw2FKzUAnSnV9JIiFu8f0pBgl+SewZeCaXD6ZVXinwIuTzh2zQ=
last-modified
Sun, 04 Apr 2021 11:05:34 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:10 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
EphbrKJdoWngAigXL_L0piTjGCLxv84xqeiBF7JeHnDxmH0kD0iFvQ==
crum
dsum-sec.casalemedia.com/ Frame FCD2 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=acbbbd46-97bb-49dc-b0c7-c07f8299bd17&expiration=1625397490
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 04 Apr 2021 11:18:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
480x270_MP4_3074978016943650634.mp4
video.dailymail.co.uk/video/mol/2021/04/02/3074978016943650634/ 		166 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video.dailymail.co.uk/video/mol/2021/04/02/3074978016943650634/480x270_MP4_3074978016943650634.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 04 Apr 2021 11:18:13 GMT
last-modified
Fri, 02 Apr 2021 15:33:09 GMT
server
AkamaiNetStorage
etag
"09fc0f96783bf4760f8d31f97b852961:1617377589.084242"
content-type
video/mp4
Content-Range
bytes 0-1823210/1823211
accept-ranges
bytes
Content-Length
1823211
ads
pubads.g.doubleclick.net/gampad/ Frame E7AF 		20 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&hl=en&iu=%2F5765%2Fdm.chromelessvideo%2Fdm_dmnews_news%2Fpreroll&correlator=80717138873821&cust_params=length%3D30%26videoWidth%3D401%26videoHeight%3D225%26play%3D1%26embed%3Dfalse%26ttid%3D3074978016943650634%26domain%3Ddailymail%26flyaway%3Dfalse%26s%3Doff%26videoTitle%3DWoman_opens_fire_on_store_clerk_inside_Bronx_bodega%26video%3DTwitter%26environment%3Dproduction%26pos%3Djw_preroll%26abv%3D4.1.48%26mvt%3Dpermutive_on%2Cuniversalid_on%2Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews%26adx_channel%3D6%26channel%3Dnews%26oov%3Dfalse%26sz%3D401x225&description_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9430839%2FWoman-shoots-New-York-City-deli-employee-calmly-leaving-store.html&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&scor=193877421452929&sz=401x225&vid=3074978016943650634&vpa=auto&vpmute=1&sdkv=h.3.448.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&u_so=l&ctv=0&mpt=videojs&mpv=4.12.15&sdki=44d&adk=2103365773&sdk_apis=2%2C8&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&eid=418572006&dlt=1617535083641&idt=3325&dt=1617535090847&cookie=ID%3D8460b666206e83ab-221ab7b7f8ba001e%3AT%3D1617535086%3AS%3DALNI_MY2_Vx2_LJjuWTEy8XzD4fwfKgcaA&ged=ve4_td7_tt6_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
18664fd6c1aec7556973ea082d86763210a9aff4734bcbe909b6516ca9edf145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2847
x-xss-protection
0
google-lineitem-id
5082125689
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138272434639
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 02C2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:13 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid
fffb6b59-0b90-4b32-9b3f-9512d56b09d2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F126 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:13 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid
a1eddda4-a736-4999-85e6-90da4ca7dd3d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8796417
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E7AF 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/8796417?_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d993646e0f2e782c5ef10e36fb926f754fcd8a1fd04e81b6b38c6b842ba87dd6

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1058
x-sticky-vk
1617535094092044-389
Expires
Sun, 04 Apr 2021 11:18:14 GMT
01f2e8x5gvhgrbdarr_406p_000000004.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		128 KB
129 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000004.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
092998032590dade76e99c29a4827afaed00184b423d40a67fbe6594e857e589

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RSXsHTNJtOFcc4mGKB03ZmFxBPIQ5dkN
etag
"c07424830dfe5a802ff18dc994430728"
x-amz-request-id
0YX4QVV2PMK0RQ8Z
akamai-mon-iucid-del
854168
content-length
131463
x-amz-id-2
dWEiW2eI/YwT/R69AmCW2KKGhxwERp+Ctbqq5qFCb7xQViGcR9oPIQcDEIgrATLoTxBPR/+/Ihk=
last-modified
Sun, 04 Apr 2021 11:05:34 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:11 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
jgJv0YPLpxU3rCXgEryNn6R55vtR9c0hIZ-w2ly6BCemExmofeX81g==
PugMaster
image6.pubmatic.com/AdServer/ Frame 9046 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=97111402&p=156054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
eed312a3aa4c47de870600bb272525d110e98c95263ae9ea181130c34bade0b4

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:12 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&pxm=&vb=21&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINE_MINUTEMEDIA_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-hQUexBkFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=398&w=636&om=0&fy=318&gp=1263&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&id=1&ii=4&f=0&j=&t=1617535086190&de=687129217303&cu=1617535086190&m=5334&ar=e4967b0-clean&iw=ce6be00&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1263&lb=53111&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A15%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1320%3A1320%3A0%3A2660&as=1&ag=1345&an=1222&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1222&kw=1022&aj=1&pg=64&pf=64&ib=1&cc=1&bw=1345&bx=1222&ci=1222&jz=1022&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5103&cd=1022&ah=5103&am=1022&rf=0&re=0&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=MINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER&bo=undefined&bd=undefined&gw=mailonlineminutemedia634421037781&zMoatDomain=dailymail.co.uk&zMoatSubdomain=dailymail.co.uk&hv=MAILONLINE_MINUTEMEDIA_DISPLAY1-minuteMediaPlayer&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=2098786995&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 04 Apr 2021 11:18:13 GMT
01f2e8x5gvhgrbdarr_audio_000000004.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000004.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf54dfe7fafaaa56c2b549e8e0cd6d9feb95a6a10ccda922dbd8680ae1cde762

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i8xWuWBPOLJMM6k.OU51r29VbAx4kkmL
etag
"812f2552a51ea1df629348220a50a13c"
x-amz-request-id
GZPQ67H9JC2SAWQ2
akamai-mon-iucid-del
854168
content-length
66391
x-amz-id-2
X42OwdtUfGAZXc/XqOfpWuwEmI+XvHUhNUpsph5ZWzaCIXR5FNehmLdn0FBv5sa5pxQscxMtFyw=
last-modified
Sun, 04 Apr 2021 11:05:34 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:11 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
bGV_dyzXC7K9cid7jpPVcsV97BvDufH0pWTC8-nyq2uXRYxxJM2HOA==
collect
www.google-analytics.com/ 		35 B
81 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:12 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		174 KB
174 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
192a83dad0e3189c6b0c1b05936ab552ad63575130a1b23735f132e1796eb32c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=807836-985871

Response headers

Date
Sun, 04 Apr 2021 11:18:12 GMT
Content-Range
bytes 807836-985871/1336680
Connection
keep-alive
Content-Length
178036
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552738
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.dailymail.co.uk&sn=&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&ic=0&tgt=0&app=&wi=432&he=244&test=&apppkg=&fv=1&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244&nid=56ea678d181f46c76f8b45fb&ncid=5fabf6ba51757f2075197397&e=request&cb=1617535093730&asid=5ff1826de52e2f2dd148e0f4&ofpr=3.5&fpo=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:13 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
moatvideo.js
z.moatads.com/mailonlinejsvideo243552997523/ 		305 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonlinejsvideo243552997523/moatvideo.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5268b13e4083e880105c48eb2350799a7a73ccd3653d458d9e4296a7e8b59c06

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:14 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 15:22:10 GMT
server
AmazonS3
x-amz-request-id
HK1QV92RZ7EX09D3
etag
"1051cbd5c20edad7b3a7850582d9e21a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=4589
accept-ranges
bytes
content-length
104594
x-amz-id-2
c6An//c6neCIrsEZXV0CaVq/wp1Ma8lP70HG7q1nmS9ta2AjVYdYYOaMaU2S0dECzZIULkVELmg=
csi
csi.gstatic.com/ Frame E7AF 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kn32mkxc&c=5085426599155&slotId=2542713299577.5&qqid=CIPUg-S75O8CFYPRuwgdxMwDaQ&gqid=cqBpYPTzNLWilQfrrLqgAQ&fb=ima-html5&sdkv=h.3.448.1&ppt=videojs&ppv=4.12.15&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=418572006&vmfc=2&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4004:806::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E7AF 		42 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bm2BLcqBpYIPTNYOj7_UPxJmPyAbUjKTARQAAABABIMiWlhw4AFjP07eNgwRgufjHgNwBsgETd3d3LmRhaWx5bWFpbC5jby51a7oBCzQwMXgyMjVfeG1syAEF2gH_AWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay9uZXdzL2FydGljbGUtOTQzMzI1Ny9JbnNpZGUtSFEtQ2hpbmVzZS1jeWJlci1yYW5zb20tZ2FuZy5odG1sP25zX21jaGFubmVsPXJzcyZuc19jYW1wYWlnbj0xNDkwJml0bz0xNDkwJl9oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LThVWjBKbnZPVVBScS1waHlydFJGZW9EMGktd3c1U2RNTEVXUkRyVzVQbDdIeldnRVNXbE45N0RleVBOTzViZ3BfeG01M0praGxfR3NxXzNSRW9rWS1qeHl6YzQ5LZgClQOpAiYvD4y2Nbc-wAIC4AIA6gIvLzU3NjUvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AoHSHpADyAaYA4wGqAMB4AQB0gUGEPmqrPcSkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=VYfaL8-VoVo&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.448.1&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E7AF 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvYpWUbFuPHGLHslUKCnFnISfc7ECdrc7Jb0Dxzy5y7PN0cVcL--UEUBfP6Wo1rKVD_86c2bAwfTQgxoc0QT91bLxqGMnd4LRz5FXXy15CX2FyOY428kc0UP8lPe9mQ9-ezc_Ro1E1zzUXZDn-xKg_3mTZ0vOSxz6QuwkwblIfZ6wLvGCk8W5-ji0YaHh8cGbK2DWDdu_d-p-z3NOu_pukFvSGcBUtOhfCtxpJpHeaJPnKmH8XuK2ldOT6ysNcXnkGlVUYwwwTeYcUEHChbWLwdw6dUk830b5gVnVevfZvPdYou1TaK2lHjmRo-A6tyDGswz-WBySwoWbzzFROhb0dhgzFbQ&sig=Cg0ArKJSzMVdFW2P9kYuEAE&sdkv=h.3.448.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUwODIxMjU2ODkyDDEzODI3MjQzNDYzOUD6AQpmCAESE2Fkcy5zdGlja3lhZHN0di5jb20aC3N0aWNreUFEU3R2IAIqDXZwYWlkLWFkYXB0ZXIyDXZwYWlkLWFkYXB0ZXJAvxhSHSUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 04 Apr 2021 11:18:14 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 5342 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 17:44:01 GMT
server
sffe
age
517
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18070
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:24:37 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 5342 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1617535094.dop005.fr8.t,1617535094.cds106.fr8.shn,1617535094.cds106.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 992D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9110328642663396958
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9110328642663396958
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=97111402&p=156054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_80=16514-CAESEOSEk9t4VYTzke6tvL3uqAM&KRTB&22987-CAESEOSEk9t4VYTzke6tvL3uqAM&KRTB&23025-CAESEOSEk9t4VYTzke6tvL3uqAM; PugT=1617535096; PUBMDCID=3; KRTBCOOKIE_57=22776-4067890039530243391
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 04 Apr 2021 11:18:16 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-9110328642663396958; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 04-May-2021 11:18:16 GMT; path=/ PugT=1617535096; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 04-May-2021 11:18:16 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Jul-2021 11:18:16 GMT; path=/
X-lat
amspug006:0:363
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9110328642663396958
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F350 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=97111402&p=156054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 04 Apr 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1141
date
Sun, 04 Apr 2021 11:18:13 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9046
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H8KjTbx0SSWhuTCjCprjwA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=59644
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Mon, 05 Apr 2021 03:52:21 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9046 		95 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63aa22843a4505cc-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
093e33e6ac000005ccc3225000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 9046
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:15 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:15 GMT
frontend-id
9
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&addseg=20
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&addseg=20
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:18 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0&addseg=20
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUZDMkEzNEQtQkM3NC00OTI1LUExQjktMzBBMzBBOUFFM0Mw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:16 GMT
X-lat
amspug007:0:356
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOSEk9t4VYTzke6tvL3uqAM&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOSEk9t4VYTzke6tvL3uqAM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:16 GMT
X-lat
amspug008:0:537
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOSEk9t4VYTzke6tvL3uqAM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9046 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 03 Apr 2021 11:18:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca33fd27-d505-467f-9f68-2b4d5fdee6f4
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca33fd27-d505-467f-9f68-2b4d5fdee6f4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:21 GMT
X-lat
lhrpug008:0:678
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ca33fd27-d505-467f-9f68-2b4d5fdee6f4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8770401214796418885
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8770401214796418885
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:21 GMT
X-lat
lhrpug003:0:534
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8770401214796418885
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:558a6069-a075-4100-b54e-e6d81ed65afe&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:558a6069-a075-4100-b54e-e6d81ed65afe&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:21 GMT
X-lat
lhrpug014:0:867
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sun, 04 Apr 2021 11:18:09 GMT
Server
MT3 3628 75f709e master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:558a6069-a075-4100-b54e-e6d81ed65afe&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Apr 2021 11:18:08 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9046
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4067890039530243391&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4067890039530243391&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:16 GMT
X-lat
amspug010:0:386
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:15 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid
0ebeeeca-f9e4-44f6-99f6-3be4de4ac1ce
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4067890039530243391&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9046 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1FC2A34D-BC74-4925-A1B9-30A30A9AE3C0?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 5342 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1617535094496
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:14 GMT
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1617535094.dop243.fr8.t,1617535094.cds052.fr8.shn,1617535094.cds052.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67403b81ec4d4d093dca5c175ef28c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g081_6947260328863070484
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=Njc0MDNiODFlYzRkNGQwOTNkY2E1YzE3NWVmMjhj&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEJMFcotKk-utDHq4AB2qefc&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=ca33fd27-d505-467f-9f68-2b4d5fdee6f4
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YGmgd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YGmgdwAAAGmwNRNi&_test=YGmgdwAAAGmwNRNi
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=558a6069-a075-4100-b54e-e6d81ed65afe&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8770401214796418885
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2384280886308774858
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADdtk7A00EAACmm_n_dxQ&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67403b81ec4d4d093dca5c175ef28c&gdpr=0&gdpr_consent=?gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qx06VAJE2oPENwXIGDpYx4OxqWbw3khPh2GX0ATL~A
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 5342 		301 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=8796417&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1617535094358090-389
Expires
Sun, 04 Apr 2021 11:18:14 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5342 		67 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8796417&_fw_gdpr=1&_fw_gdpr_consent=&vav=9751b81061c4c0a71d24f439a63af485&vaviv=521a77b3753b21484efaaa30817b7aac&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&playerSize=445x250&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1617535094625079-352
Expires
Sun, 04 Apr 2021 11:18:14 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Njc0MDNiODFlYzRkNGQwOTNkY2E1YzE3NWVmMjhj&gdpr=0&gdpr_consent=
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Njc0MDNiODFlYzRkNGQwOTNkY2E1YzE3NWVmMjhj&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Njc0MDNiODFlYzRkNGQwOTNkY2E1YzE3NWVmMjhj&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1617535094482092-349
Expires
Sun, 04 Apr 2021 11:18:14 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=67403b81ec4d4d093dca5c175ef28c&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=67403b81ec4d4d093dca5c175ef28c&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:15 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=67403b81ec4d4d093dca5c175ef28c&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1617535094738018-392
Expires
Sun, 04 Apr 2021 11:18:14 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E7AF 		42 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bm2BLcqBpYIPTNYOj7_UPxJmPyAbUjKTARQAAABABIMiWlhw4AFjP07eNgwRgufjHgNwBsgETd3d3LmRhaWx5bWFpbC5jby51a7oBCzQwMXgyMjVfeG1syAEF2gH_AWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay9uZXdzL2FydGljbGUtOTQzMzI1Ny9JbnNpZGUtSFEtQ2hpbmVzZS1jeWJlci1yYW5zb20tZ2FuZy5odG1sP25zX21jaGFubmVsPXJzcyZuc19jYW1wYWlnbj0xNDkwJml0bz0xNDkwJl9oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LThVWjBKbnZPVVBScS1waHlydFJGZW9EMGktd3c1U2RNTEVXUkRyVzVQbDdIeldnRVNXbE45N0RleVBOTzViZ3BfeG01M0praGxfR3NxXzNSRW9rWS1qeHl6YzQ5LZgClQOpAiYvD4y2Nbc-wAIC4AIA6gIvLzU3NjUvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2RtbmV3c19uZXdzL3ByZXJvbGz4AoHSHpADyAaYA4wGqAMB4AQB0gUGEPmqrPcSkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB0BUBgBcB&sigh=VYfaL8-VoVo&label=videoplayfailed901&acvw=&sdkv=h.3.448.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUwODIxMjU2ODkyDDEzODI3MjQzNDYzOUD6AQprCAESE2Fkcy5zdGlja3lhZHN0di5jb20aC3N0aWNreUFEU3R2IAIqDXZwYWlkLWFkYXB0ZXIyDXZwYWlkLWFkYXB0ZXJAvxhSIhAEJQAAoEEoAToHdW5rbm93bkIHdW5rbm93bkjlBFAAYAEYAQ..
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		168 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
c56ee3cc13b1d5e54254ba5511a23010557dcc7492aaf08ceb8c7798c9d2302a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:15 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
Expires
0
arj
mailonline-uk-d.openx.net/w/1.0/ 		173 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f4ddb811-efba-4a78-a998-124e3acf7fb8%2Cf4ddb811-efba-4a78-a998-124e3acf7fb8&nocache=1617535094918&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&ttduuid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&aus=300x250%7C300x250&divIds=mpu_player%2Cmpu_player&auid=541063092%2C541063092
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
9c3636edc7b1f6f291561769e27142dcae52625356595b5f5d019454366e8a20

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503172&v=7.2&r=%7B%22id%22%3A%22235bc25b4d6c25a9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22236939ea5a25402%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503172%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22237aa7cdd0b8fb7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503172%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6cc777a47ce56ac71b7f1d98c8f0dbaff8d7a0dd0fb2c56f49fae4b6f1ebdb10

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:14 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:14 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_player&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
f8b59ff6442515d8f00028ea55697f7b097a055cc82f4e88e06d319018745401

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:14 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		19 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:15 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.140:80
AN-X-Request-Uuid
43baec8e-4aa7-4df2-b618-0602674508d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		253 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=1694080&size_id=15&tpid_tdid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&eid_pubcid.org=0c92a29f-5391-4b15-873b-cf2bf278513b%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tg_i.area=news&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=f4ddb811-efba-4a78-a998-124e3acf7fb8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.12790822334619611
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
52738b341a067420ac09b73046691052b0b5caaa5edd02e74304ea6581e2a2d2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:16 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
253
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=10&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_player%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:14 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24
x-amz-cf-id
ZRwGE9PaNslvcDUHdcLinz_S9CWoxp-_7yUkDT9hU8_MMQZKHIlRzQ==
01f2e8x5gvhgrbdarr_audio_000000005.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000005.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
15f3f6d7d2640a1b585b931433b3a6e3f258b2f3e0cdea5bf2f644c5dc520851

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FIVAiplGCfRkmbdkn4z1NXHJkr8XJBYX
etag
"9749d81c77162ec7419f3fdaa95de0ce"
x-amz-request-id
MAAQ18ANHMA4VJRP
akamai-mon-iucid-del
854168
content-length
66682
x-amz-id-2
SmXMZ0ijhr8qkw6AZimgvG2vlFki1lZnROe75/M8HBuR6uoP5kjLEdGUh2jH8VGiYchcE4l6kns=
last-modified
Sun, 04 Apr 2021 11:05:36 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:15 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
6-QLN_WokrFFZMSuKH-J-ufVqZgO4keS_rdPe_kHQFu3BF763jb4SQ==
01f2e8x5gvhgrbdarr_406p_000000005.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		278 KB
280 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000005.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b2451067cf8b3c99e806115a529d93858bb253c6d78304d425f971d21a81278c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5NeLThH_lMb9FQtKQO4KfrkHMxmmS31C
etag
"5bd2c4828278e007f371ecb6fd50d51a"
x-amz-request-id
MAAVF07B047F4RQA
akamai-mon-iucid-del
854168
content-length
285099
x-amz-id-2
Aq/Kjj9xDbhdfKUt+VbqU46iLhFycdXttUUiHN/V9eOLadjJqKzGoRuA1/oGe4lrWoNHJ9EGZu8=
last-modified
Sun, 04 Apr 2021 11:05:36 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:15 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
ORD51-C3
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
cN-oCGbsI_E0TAM_PZOYAQFVCMV0Yxv7grs6fiqWuMWlxetJNgAJsg==
SPug
simage4.pubmatic.com/AdServer/ Frame 9046 		0
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 04 Apr 2021 11:18:16 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&pxm=&vb=21&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=MAILONLINE_MINUTEMEDIA_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&th=3321063859&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-hQUexBkFGpK4fCGFDVJ8vAq%2BUZ%2FvKDL4IjtFOewYCG7c8ePmuvZ6rDGw&sc=1&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=398&w=636&om=0&fy=318&gp=1263&zGSRC=1&gu=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&id=1&ii=4&f=0&j=&t=1617535086190&de=687129217303&cu=1617535086190&m=10419&ar=e4967b0-clean&iw=ce6be00&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1263&lb=53111&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A15%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1320%3A1320%3A0%3A2660&as=1&ag=1345&an=1345&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1222&kw=1022&aj=1&pg=64&pf=64&ib=1&cc=1&bw=1345&bx=1345&ci=1222&jz=1022&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10189&cd=5103&ah=10189&am=5103&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=MINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER%3AMINUTEMEDIAPLAYER&bo=undefined&bd=undefined&gw=mailonlineminutemedia634421037781&zMoatDomain=dailymail.co.uk&zMoatSubdomain=dailymail.co.uk&hv=MAILONLINE_MINUTEMEDIA_DISPLAY1-minuteMediaPlayer&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=189983&na=1488305174&cs=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 04 Apr 2021 11:18:16 GMT
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		94 KB
94 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
4cc50fd2d13d1ed3233132174a770885113cd4957f6fcc8dcaa9e1daf44255a9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=985872-1081751

Response headers

Date
Sun, 04 Apr 2021 11:18:16 GMT
Content-Range
bytes 985872-1081751/1336680
Connection
keep-alive
Content-Length
95880
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552734
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:16 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&hxva=1&scor=94833395266455&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_player&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=pos%3Dmpu_player%26adx_channel%3D18%26nobids%3Dtrue%26refreshCount%3D0%26offset%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie=ID%3D8460b666206e83ab%3AT%3D1617535086%3AS%3DALNI_MZLlth6pu5CRP6I3kj4W91bk-EjrA&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535096920&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=13237621&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8H-6JjlQZ5J043oF6qd3u-GiW5X7rHw64WWlJG8oK929oJF3vQ7cCAN5FIXwaB3Henq-ov2nl6N-GJA36Xti1LlS2ubXTWnWShpA%2CAGkb-H8SfDhFDKrGiW8nHBl-3iyGvjftnDm6yCDiKLR_iBsjkeDdT3vgeWYN1D_l2NtSL9xFOjNtXBWNuOuj8pYYkR4f6nnVf50%2CAGkb-H-YfcCHR14BaMIClvHZMP9xreout139UttyeuMfel7Bk-4uq1huB43r2f-dkbgPtEGVimQahSs777aBleVFXbErrdDS0OM&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=644&ohw=445
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
edcc2c1588e4241b428647605cf5d2adfd4bae02674734823e010233a40d84c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
480x270_MP4_3074978016943650634.mp4
video.dailymail.co.uk/video/mol/2021/04/02/3074978016943650634/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://video.dailymail.co.uk/video/mol/2021/04/02/3074978016943650634/480x270_MP4_3074978016943650634.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fed2bcfa448afdf10e5fb53b531dff06bb4bd1ddb9d9318f45b32be85ec974f1

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=163840-

Response headers

date
Sun, 04 Apr 2021 11:18:17 GMT
last-modified
Fri, 02 Apr 2021 15:33:09 GMT
server
AkamaiNetStorage
etag
"09fc0f96783bf4760f8d31f97b852961:1617377589.084242"
content-type
video/mp4
Content-Range
bytes 163840-1823210/1823211
accept-ranges
bytes
Content-Length
1659371
video_info
context.iris.tv/ 		260 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=W491AUI45FTTFWD&platform_id=3074978016943650634&uc=1
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Zer01ne /
Resource Hash
cee1ef144e6f32a5a0055f9c3ee79ea96dbb0618ee4eb5f2ef2b7b290af7b515

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:09:35 GMT
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
server
Zer01ne
age
522
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
FRA56-C2
x-robots-tag
noindex, follow
x-amz-cf-id
YuY5xzQFxu-LzD8LPD6Fj1gOEk6G1nLmt9FJweHEnxphP6n5o4a0HA==
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=dados
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=748c2405-9537-11eb-81a6-14d534133906
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=748c2405-9537-11eb-81a6-14d534133906
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sun, 04 Apr 2021 11:18:17 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 04 Apr 2021 11:18:17 GMT
Server
nginx
Location
/partner?source=dados&__user_check__=1&sync_id=748c2405-9537-11eb-81a6-14d534133906
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
0
video_info
context.iris.tv/ 		234 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://context.iris.tv/video_info?access_token=1d9f05c8b00daddfbffcf5afa8a0691bf6370c0cd9dfc8bc6fb38e13c4474dab&global=GlobalIrisPlayer&client_token=W491AUI45FTTFWD&platform_id=797823018040051465&uc=1
Requested by
Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/context/iris-context.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Zer01ne /
Resource Hash
309aa1253b3ca616de2b8348ed92b0b652482cd56e13fd747123a5d1714b6a66

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:06:04 GMT
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
server
Zer01ne
age
733
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600, stale-while-revalidate=600, stale-if-error=600
x-amz-cf-pop
FRA56-C2
x-robots-tag
noindex, follow
x-amz-cf-id
pbVPOSEzRQmQKlrPXscNpdgPGFTeW4QwiXrTw0wqWhsxf6qnn3PfaA==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		162 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
95d20f69c64fac35d400f760c1dae2f400193a28051dd44e51aa64ebb2bd04f9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:17 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
162
Expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
907faaea78c708b84c2f6b51c16b2e8ca140614b5b7feff50f0d5de6c43a2234

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
auction
tlx.3lift.com/header/ 		19 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tmax=1500
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.225.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-225-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=293354&v=8.1&r=%7B%22id%22%3A%2226186cc8830372c4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22262baf2f44d56c7e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22293354%22%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22w%22%3A401%2C%22h%22%3A225%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
68646f4f029507fb375a8a7e028f6decd531175ec09729fdf0e031cf09e46a8d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:17 GMT
avjp
mailonline-uk-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=14ef27a7-20a9-4a32-8e0a-72f03682820f&nocache=1617535097535&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&ttduuid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&auid=540675388&vwd=401&vht=225
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.154:80
AN-X-Request-Uuid
b0adc429-a923-4ac2-bf35-396ad3441f64
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		162 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
0cb8919e24a159da4c88949996d4d75c46c9b74ddf8b8d8eb397dfdf4b02957b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:17 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
162
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.239:80
AN-X-Request-Uuid
c070f69a-e352-4422-b9e1-e72a8e5266f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=293354&v=8.1&r=%7B%22id%22%3A%222740470d482b0663%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222751e10dfab6fef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22293354%22%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22w%22%3A401%2C%22h%22%3A225%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56f795b2b0ae20c787ea17895b7b3b39df0888e5cadcf5b25a68b5c89c6b2475

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:17 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tmax=1500
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.225.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-225-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
avjp
mailonline-uk-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=22fb66b6-1e5e-422e-9459-fda20bd46e7c&nocache=1617535097547&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&ttduuid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&auid=540675388&vwd=401&vht=225
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a73b07b79ef2a5fe195950c84b1b975ca213f8d8ed68d884513b36425e8109a5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=11&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22irisid%22%3A%22iris_08146183cd00af92%22%2C%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
843ca27aa5a55f23f36493f7a6c93bd16bae165e07e4be441ea45723b586eae2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24
x-amz-cf-id
I1elNI9-ZhnHK3VCpc99X19VXC2W4AiTUxLkwJZVOF6Uk8Lo7esG0g==
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=12&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22irisid%22%3A%22iris_2e5506d074ddd5e6%22%2C%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
63c3f35eed8f9fae951373f4f0642d09521b1b86c8d3a6d679047bc5440790fb

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:17 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24
x-amz-cf-id
kvUxPCQrnwIQbnwQnl-qiO0k1s3p1oJXC53EbumZrqMGPbiPBUo5DA==
/
crta.dailymail.co.uk/ 		8 B
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:17 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sun, 04 Apr 2021 11:18:17 GMT
events
bidder.criteo.com/csm/ 		0
149 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:17 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
track
atrack.avplayer.com/ Frame 7456 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1617535097939&cid=5fabf6ba51757f2075197397&cou=BE&AV_PAGE_LOAD_UID=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_CDIM4=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
225114
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Requested by
Host: js.spotx.tv
URL: https://js.spotx.tv/directsdk/v1/234272.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 04 Apr 2021 11:18:18 GMT
X-SpotX-Timing-Transform
0.000280
X-SpotX-Timing-SpotMarket
0.011165
X-SpotX-Timing-Page-Mux
0.001061
X-SpotX-Timing-Page-Require
0.000313
X-fe
096
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.015772
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000603
Last-Modified
Sun, 04 Apr 2021 11:18:18 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.011165
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.002310
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
225114
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Requested by
Host: js.spotx.tv
URL: https://js.spotx.tv/directsdk/v1/234272.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 04 Apr 2021 11:18:18 GMT
X-SpotX-Timing-Transform
0.000282
X-SpotX-Timing-SpotMarket
0.009210
X-SpotX-Timing-Page-Mux
0.000912
X-SpotX-Timing-Page-Require
0.000317
X-fe
099
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.014505
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000359
Last-Modified
Sun, 04 Apr 2021 11:18:18 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.009210
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.003392
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
225114
search.spotxchange.com/openrtb/2.3/dados/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Protocol
HTTP/1.1
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 04 Apr 2021 11:18:18 GMT
Content-Type
text/plain;charset=UTF-8
Content-Length
0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Sun, 04 Apr 2021 11:18:18 GMT
Cache-Control
no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers
content-type,x-openrtb-version
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
2592000
225114
search.spotxchange.com/openrtb/2.3/dados/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Protocol
HTTP/1.1
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 04 Apr 2021 11:18:18 GMT
Content-Type
text/plain;charset=UTF-8
Content-Length
0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Sun, 04 Apr 2021 11:18:18 GMT
Cache-Control
no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers
content-type,x-openrtb-version
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
2592000
/
crta.dailymail.co.uk/ 		8 B
448 B 		Other
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:18 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sun, 04 Apr 2021 11:18:18 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Apr 2021 11:18:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244&nid=56ea678d181f46c76f8b45fb&ncid=5fabf6ba51757f2075197397&e=request&cb=1617535098774&asid=5ff1826de52e2f2dd148e0f4&ofpr=3.5&fpo=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:18 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:18 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 30 Mar 2022 11:18:18 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:18 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 30 Mar 2022 11:18:18 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...
43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10001&ns_st_cl=120000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=10001&ns_st_dpt=10001&ns_st_ipt=10001&ns_st_ap=10001&ns_st_dap=10001&ns_st_et=10001&ns_st_det=10001&ns_st_upc=10001&ns_st_dupc=10001&ns_st_iupc=10001&ns_st_upa=10001&ns_st_dupa=10001&ns_st_iupa=10001&ns_st_lpc=10001&ns_st_dlpc=10001&ns_st_lpa=10001&ns_st_dlpa=10001&ns_st_pa=10001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535099057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:19 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10001&ns_st_cl=120000&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=10001&ns_st_dpt=10001&ns_st_ipt=10001&ns_st_ap=10001&ns_st_dap=10001&ns_st_et=10001&ns_st_det=10001&ns_st_upc=10001&ns_st_dupc=10001&ns_st_iupc=10001&ns_st_upa=10001&ns_st_dupa=10001&ns_st_iupa=10001&ns_st_lpc=10001&ns_st_dlpc=10001&ns_st_lpa=10001&ns_st_dlpa=10001&ns_st_pa=10001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535099057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:19 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
01f2e8x5gvhgrbdarr_audio_000000006.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000006.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ed304fb06060fcb6104e29fd4dde7e97e0b009e3d70abd66a580f046a0c13c17

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
I3rGbXNL1HBpMMeKRyvTXioM9gdKGXhy
etag
"7d6ff1ce3cdabc73644b08a656135421"
x-amz-request-id
DWZH9TA1HDCKY9HJ
akamai-mon-iucid-del
854168
content-length
66285
x-amz-id-2
5ZUy9X6zTSRYMn7kX/tRI8jYo3iQZnynodUA+3varSm1i7PKRw90E1kUfJvJCs+abbntFJ2CvlI=
last-modified
Sun, 04 Apr 2021 11:05:37 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:19 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
IAD79-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
YyuGK_eIKJHVKdtLdHB52tUSeeK6t8AH8NdVAdpgA2gZYfG5zsh6eg==
01f2e8x5gvhgrbdarr_406p_000000006.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		224 KB
225 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000006.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a08c3a22391793fb96692ebd33edb18d914f99eb0836bb4af5e4d84f1c34cef4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NhCVfu0zfNO7EJs15gn05Sjd26fxJ0NF
etag
"50b1bdab385f49a01c2a468feb27c83f"
x-amz-request-id
DWZH1PNGY8TN88GA
akamai-mon-iucid-del
854168
content-length
229102
x-amz-id-2
G3uWAftpKdzM4vGzD8CzdP4Pb4aX5qARF6wITfQfWYyDwPqeaOc4wKslgVkLnFP0rjnNFqzsRnI=
last-modified
Sun, 04 Apr 2021 11:05:37 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:19 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
lPJ9G_r7f-yTTX8Y-SkGvtGwy00FLYFpJ-Yue5k4rN7CY6KWCPk6QQ==
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		159 KB
159 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
edf5c9a4ea5a6cec5b43b8b34622496a96e2cbaaa1f92caad2bc0a15facd48cf

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1081752-1244371

Response headers

Date
Sun, 04 Apr 2021 11:18:21 GMT
Content-Range
bytes 1081752-1244371/1336680
Connection
keep-alive
Content-Length
162620
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552729
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:20 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021033001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0857f5bcedfa2730388687f01ab29745e3966535f94824b3b7184f39d11e8535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6585
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 4016 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.dailymail.co.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1537
date
Sun, 04 Apr 2021 11:18:20 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:21 GMT
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:21 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront), 1.1 varnish
age
2390438
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-fra19121-FRA
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1617535102.833051,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ZgeHpWiKr7Os5AWICTvB2fN_4EB-g-OJVsAVZDEHjRwKHVMII-_3bg==
x-cache-hits
386841
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0BCA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 04 Apr 2021 11:00:48 GMT
expires
Mon, 04 Apr 2022 11:00:48 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1053
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:21 GMT
via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront), 1.1 varnish
age
2293553
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-fra19121-FRA
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1617535102.929686,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
-TROi2rJAwAJZGjvQ1UUl45pz7OKYS6cCd8hK2LTON4-GEHuquvUjw==
x-cache-hits
442462
oppsula.js
vidstat.taboola.com/oppsula/1.3.8/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:21 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age
4524209
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
5164
x-served-by
cache-fra19121-FRA
last-modified
Tue, 14 Apr 2020 06:07:12 GMT
server
AmazonS3
x-timer
S1617535102.932373,VS0,VE0
etag
"328b70146f77a19d2bc0172c656d921e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aMkVreRZ2W_s9kpAVgUTQiU-V01sC2tQqC4rwufH-1HkDTxCNvJRIg==
x-cache-hits
1180157
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:21 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront), 1.1 varnish
age
2103578
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19121-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1617535102.932364,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
tVjOQezH1wdhCUO52gTfdk6ub6-eFlOu78HAbC2yUByKCYVp3BoenA==
x-cache-hits
364859
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.1.2/ 		545 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.2/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f945c51048597580e69d43f98e7ce3c63f8c7b0a2235c988d03ff27a38b61628

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:21 GMT
via
1.1 varnish
age
440006
x-amz-meta-mtime
1617095019
x-cache
HIT
x-amz-meta-ctime
1617095032
x-amz-meta-mode
33188
content-encoding
br
content-length
113823
x-amz-id-2
h4xOcq/lrkIgk7n6KyvMK/JhuQTvxolITnJUuSGEVdfKaRH4ps7rAm/7jJDpFNZLWgGMS0t5fNk=
x-served-by
cache-fra19121-FRA
accept-ranges
bytes
last-modified
Tue, 30 Mar 2021 09:03:53 GMT
server
AmazonS3-br
x-timer
S1617535102.955079,VS0,VE0
etag
"4cdf59918882c7e55b1af8742c08ebe3"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
V5NARK0FNMD87WSW
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
384712
sync
am-match.taboola.com/ Frame B5AC 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_5/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Sun, 04 Apr 2021 11:18:21 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3402
7315ad8c-363f-4f72-9f45-df375a339073
https://www.dailymail.co.uk/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/7315ad8c-363f-4f72-9f45-df375a339073
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
6ba84cd7-6230-4afb-87a5-d3d5427d1925
https://www.dailymail.co.uk/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.dailymail.co.uk/6ba84cd7-6230-4afb-87a5-d3d5427d1925
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
sync
taboola-supply-partners.tremorhub.com/ Frame B5AC 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:22 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame B5AC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame B5AC 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:22 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B5AC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=773acb36-9537-11eb-a5ea-1541e8ac4806&orig=video&us_privacy=1---
0
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=773acb36-9537-11eb-a5ea-1541e8ac4806&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sun, 04 Apr 2021 11:18:22 GMT
server
nginx
x-fastly-to-nlb-rtt
5741

Redirect headers

Date
Sun, 04 Apr 2021 11:18:22 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=773acb36-9537-11eb-a5ea-1541e8ac4806&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
14
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame B5AC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.46.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js
pagead2.googlesyndication.com/bg/ Frame 0BCA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:24:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
78803
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5661
x-xss-protection
0
expires
Sun, 03 Apr 2022 13:24:59 GMT
/
685b3918.akstat.io/ 		0
205 B 		Other
General
Check archive.org
Download Go to
Full URL
https://685b3918.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:22 GMT
content-type
image/gif
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:18:22 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706985&noaop=3&sortOrderType=0&cb=1617535102307&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1056001&pt=-1041841066&tz=120&viewable=true&ddast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1182345&dpubid=223815&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
49940f9cafa5d71545bf846b00f35301e58855c4de541521f8c764e18ad8e211

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 04 Apr 2021 11:18:22 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1406
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19121-FRA
pragma
no-cache
server
nginx
x-timer
S1617535102.324014,VS0,VE62
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021033001&jk=635640543029996&bg=!VValVhLNAAY56aLOOek7ACkAdvg8WkRoCuPZQ-5UxQnKM0dmYxkKP3g0o3Kt6LyaaGaS1_X9HbIj0gIAAAByUgAAACxoAQcKAY6mawATEDNq163keQaeAjnQVic0_uX3FxlVlvVbJt9PpGcP77Ihu6rE0SwgRVCfxp19antSeLlMyBzoIEIX2HnM4kGaCV77QXrhhfyOms6Zyo8H-9frawR1kI124WfNA9AngKFYoxVli85tL014q5NvYsPsWdgTvoeRjpJTEG7cnjLFYHco2dK_-trYc9sqOTOD-EDUuhS_u_ivcmAZSlCiiz0wg3gZNzLhctFXZx_hI-zGnCErnpT1apVvffTn7NgtHpTmZsZu6rhQ6H5zcH1oXbBtZonmaWwhuSj-Xo_XhFijafEfz2pTgAy3Wx1WzuNK4J8CkWUibaGtG_HqGo5SRXfuWe8PVhFEYRYvz5MXXqxwZVMGgzMprP3YPrSw9hzRjV2jUcJT4tmXHFRJSbAoXnzurOaSBaJ801iSmFfg91JTaGcSTCHGHUk46jYX8GQ7awUgImEok1Csv0i4Z5pxE9CaZKvDABnb4rA3dL38A_DJIDq303F3zKLImbWSiVtyRhgsOFf-s-w8F65f0JkB42NGrU4nUkcaRc0wvL5NP8Me5lrs0uLp5eobRxPOcneFWpL93GP1vPvRzjHrLCleBVhXmWLmPQ6FbcA-iuxKZekxZFAH1UB8KWGZE3KxOK32AvnhOoPdv2Rirsd5RQrxa8li58j4ncDUvYA43edYuDbipcDw-WeerH00SOU0L5MjiVt6h_HzP3K0LCgJYe7oS1umD9TV0-W4Mw5paPPT44JP_jfJByQRchBIQzkeodQXveAd_-H7b7cnSGTACUkU-ZDhWnCuymXLK8DlXy6Pt06kyFG1ONBx5X8SoqdmpfwA19OcopLL6eSwIQdA0_0UU3sH4ilSJzzJKhfQPR4OzE4O_9XZinLxdvHQhkjLeLqR3aBbQTpHz-Qojw76v5EK6QjJS9HH-fB0i6NHCf1G5UTBHEYdYGbTSHa-Pg1EAxsPAkCiLiemu1_Unk5lQHyp7t_evhKcErN7uAqT72og98_GMCzHhBX8pv31A0RPVLMYykYyhk5ebEBKgbITomzLhyAdule2Tt--MxMZ2B9QKpKJtBRtTpq9326zhoNTSD_KgiDowipRcl0h4-vyeTTgtOKfqFIr0KSXnpIN8wdB2pCC_EEHXjnO8YaK9Bw86SsgY2BamrxY71XJqrcNo5gc7ZC2IA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
01f2e8x5gvhgrbdarr_audio_000000007.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000007.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3165cad5dd8b4fe35d604b9e61919d52281d3d8f76bccf9f03d996bba4aa9a18

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
17hK9zmKtN1FGPiO._DWSm3SiGM5pRqX
etag
"0fd6bca6964ab42eb7cc4206d8d393e1"
x-amz-request-id
MHZH3FVE83HKC11C
akamai-mon-iucid-del
854168
content-length
66781
x-amz-id-2
enNoDo3FloLbOf9e86i0p9WFrpaOtnvqHJJFZ1aqvv+ZpcFKMMGYR5vaMh8xM1e1EXCTYPMIfGQ=
last-modified
Sun, 04 Apr 2021 11:05:37 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
IAD89-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
NMTz6zEGAiMW2KKD9KkXfXoHU11aSRwTQOaUACuLxZTqw0a9Rbk0_g==
01f2e8x5gvhgrbdarr_406p_000000007.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		175 KB
176 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000007.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
767b79788957dd1f873660ffc7046dfba0f5c9515b55056bffa8058ccfb89eac

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9JpaeEtyYzCs0oHflHWn4Sm.ArdqfIxR
etag
"2b48c9f478817356f21d1ee4cbbae1c1"
x-amz-request-id
MHZTS5G6VXGNAM35
akamai-mon-iucid-del
854168
content-length
178712
x-amz-id-2
I+vNVhcV7bZGiY4sUR0AHwBtAgXYNAJLSn8CW4dhX8jJRQ7x+qM0cgLIWevLWMiXURXJFUVaFZs=
last-modified
Sun, 04 Apr 2021 11:05:37 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
Aj-7m1C-apd1lxhyITzxR-i8W8ppqXPYi7d8IckwVLNywn64IuvbEQ==
/
crta.dailymail.co.uk/ 		8 B
573 B 		Other
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:2ab::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:23 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sun, 04 Apr 2021 11:18:23 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Apr 2021 11:18:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244&nid=56ea678d181f46c76f8b45fb&ncid=5fabf6ba51757f2075197397&e=request&cb=1617535103878&asid=5ff1826de52e2f2dd148e0f4&ofpr=3.5&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:23 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 04 Apr 2021 11:18:24 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/ Frame 7456 		90 KB
91 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1617530224/landscape401d97e5-53ec-4284-8ac8-2f4fb115da00_1617530097174.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ca30554832f74f90fcf217aa123c72bc327f2a00463d8f9a09851e46cda97f0b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1244372-1336679

Response headers

Date
Sun, 04 Apr 2021 11:18:24 GMT
Content-Range
bytes 1244372-1336679/1336680
Connection
keep-alive
Content-Length
92308
X-Served-By
cache-wdc5539-WDC
Last-Modified
Sun, 04 Apr 2021 09:57:20 GMT
Server
cloudinary
X-Timer
S1617530265.484778,VS0,VE23
ETag
"0ba9872508123fab1f809ba0f92893b3"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31552726
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
sync
am-match.taboola.com/ Frame FC7A 		980 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
248ccb60ff73ec7c27ca22bbfe068770600c60bfc1cf44155fd2b77859d4e9de

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=13480da9-f55a-4115-82af-e49a833f3704-tuct76325fe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Sun, 04 Apr 2021 11:18:26 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
sync
taboola-supply-partners.tremorhub.com/ Frame FC7A 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:ae67:61d5:5bef:8e79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame FC7A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-255-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame FC7A 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:26 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame FC7A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.46.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-46-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 2F2B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7TyMCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBvQHG8YarSajyYy3mwyGy9FgOdgMF8vBcjRcDoHDWKPVZDSZ8XaTwXA5GgyXi9ViuBlOVrvRFDaM5TIZ1AKRy_M1_Q1vEcvzNf0Nb13T5HJDFppOh891r9f9fneRw2l2vh1Os13jt6u-frnL9_krLKenx-xyK0ebzWS12yvpnqfJ5RYy2hqi0-7yvNwa58VleUseds_f7dY57D670PQ22wEAAADgAUBpOQTiBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOgQLRBA4CCY0F_T6vdZHl5jKZ_AAA8FIAAAAhgkAAMqB2VAFSU3Z4AAAAAAAAAALD8____xwDo8f_KAGQczvUAPPgAPBAVqBYxAgAAAJAym0A8mtQJlUUVAABBuhXAFQBAAB6nZmtrGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE2IKR0oDUnzkUvsFBABY-wUEAGBTNwCANwG4oCNoxWCwugGaLGYHAAAAcPf___-vByK25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUy853ZYQ2FN0-HVV0Esz9f0N7x1TZPLID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwozF4rJNFg63wmLxrUULx8QtsS18a4VpsnANlwvDYmRZi14f02-2maxWJi8KBlDtRXCRTkQOp9n5djjNbsnfdxFLNCeLdCK77Cu25co5HI0mjo1hMhmMRs7ZcDFxjjzDxcI0WUz8HYvFZZssHG6FxeJbixaOiVtiW_jWCtNk4RouF4bFyLIWvT6m32wzWa1M_sZssVttVoPhat-YLXarzWowXO07dIbv6nM22qLdc8ekeWqrT5XMfFC4DBbvRrU6jj-Tg7RkNjp96uWyqDP6_X6_3-_3-_1-v0HrOZgNCt_z8BdOH8tzOZyNHoyKWCI4XaQT0ct4uoglkqdFOpGNNh7PwjRaDDaLwWw5sSwXo9HMuVp5DBOLZ7CyiCVK00U60ctdvs9fYTk9PWaXWznabCar3V5p9zxNLrfQ8dYYnXaX5-XWOC8uy1vysHv-brfOYffZhaa32aL-YwNO5orBZK5YzhWb2SoBAAAAAAAAACxhzrwJAAAAwGkgk81wsVouwIPRnu5P9HR_lC9q2O5fPz7nNHTKQXHjxw3kcJqdb4fT7Jb8fVcGeDC6Y97smSDWarWsAQAABLABAAACuHXzHrAGneQA!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Apr 2021 11:18:27 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Sun, 04 Apr 2021 11:18:27 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
01f2e8x5gvhgrbdarr_audio_000000008.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
65 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000008.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
06d487faf6598c550b1a11b5885d6edd64becaba93a0cd4a584318587fbbade2

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
u71fPD6K6Xeojn9gNSFbFIXHIiCnW0gH
etag
"96528a8c3d1d66b032ab14df632bc09a"
x-amz-request-id
BVVMBB2G5WKH21CJ
akamai-mon-iucid-del
854168
content-length
66311
x-amz-id-2
/Kv+t9OMXhAzUPM5temsxiXft8H0VpY+ypXoidNZGgD5LaCjnIfYT9fdTyZXaYmfABddC5QEcyk=
last-modified
Sun, 04 Apr 2021 11:05:38 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
MIA3-C4
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
ZnvOtn_oPtA2UNPjwCQGgAeMbHI9nz-czzse6MR37cHGX2sdatf8iQ==
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706985&noaop=3&sortOrderType=0&cb=1617535107312&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1056001&pt=-1041841066&tz=120&viewable=true&ddast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1182345&dpubid=223815&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
eb48062f813c4204ad54dd2fbca0416c37a731578a2a20583f982c4d54c93646

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:27 GMT
content-encoding
gzip
server
nginx
machineid
1409
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2F2B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a196984036a07f8eed2207ae1b7cd4bab6e6643d2d6e56c78d3f3f2033f1f71b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84292
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Mon, 05 Apr 2021 10:43:19 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2F2B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
01f2e8x5gvhgrbdarr_406p_000000008.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		248 KB
249 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000008.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
164e1863b91217a10d365bcae23ec66d4973b1426c15ac8f6dc39c45fb85a288

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tNNMrGY57Vz_8_LXS1bdhvcpMbBNZwDj
etag
"2cc7fc1e300967d039e3b8814762f7e9"
x-amz-request-id
BVVR0NTFCHQPHFNA
akamai-mon-iucid-del
854168
content-length
254076
x-amz-id-2
zHr3aQk/EMoG5mBEJoxrG8IQqgKAvlzQHuGBqiFx9gZofcGDf1K2lJX++3F/0JBCG4TDB8c6fbU=
last-modified
Sun, 04 Apr 2021 11:05:38 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
R7HoBXrlQDenwrWO-ftPQgajhQ7N1KjQgyVEqYbyA-BY7mg-FpP8jg==
track
atrack.avplayer.com/ Frame 7456 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1617535107937&cid=5fabf6ba51757f2075197397&cou=BE&AV_PAGE_LOAD_UID=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_CDIM4=c71865c8-cc30-4710-adc9-eea1c225ebac&AV_ABTEST_TEMPLATE_WIGHT=100&AV_CDIM6=100&AV_ABTEST_TEMPLATE_NAME=main&AV_CDIM7=main
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Apr 2021 11:18:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244&nid=56ea678d181f46c76f8b45fb&ncid=5fabf6ba51757f2075197397&e=request&cb=1617535108917&asid=5fcf6f07363e2a459c6cf641%2C5ff1826de52e2f2dd148e0f4&ofpr=3%2C3.5&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:28 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=08d4c96a-abda-4f92-ac47-18432ec81ac9&nocache=1617535108921&schain=1.0%2C1!playbuzz.com%2C0012000001ONGj5AAH%2C1%2C33132a30bcb24524523dea0ecb706bdf_1723150101%2CDMG%20Media%20Group%2Cdailymail.co.uk&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A432%2C%22h%22%3A244%7D%7D%5D%2C%22w%22%3A432%2C%22v%22%3A244%7D&auid=543835039&vwd=432&vht=244
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:28 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&n...
43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=20001&ns_st_cl=120000&ns_st_hc=2&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=20001&ns_st_dpt=20001&ns_st_ipt=10000&ns_st_ap=20001&ns_st_dap=20001&ns_st_et=20001&ns_st_det=20001&ns_st_upc=20001&ns_st_dupc=20001&ns_st_iupc=10000&ns_st_upa=20001&ns_st_dupa=20001&ns_st_iupa=10000&ns_st_lpc=20001&ns_st_dlpc=20001&ns_st_lpa=20001&ns_st_dlpa=20001&ns_st_pa=20001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535109057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:29 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=18120612&ns_type=hidden&ns_st_sv=6.2.3.180328&ns_st_smv=5.10&ns_st_it=r&ns_st_id=1617535085582&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=20001&ns_st_cl=120000&ns_st_hc=2&ns_st_mp=js_api&ns_st_mv=6.2.3.180328&ns_st_pn=1&ns_st_tp=0&ns_st_ci=01f2e8x5gvhgrbdarr&ns_st_pt=20001&ns_st_dpt=20001&ns_st_ipt=10000&ns_st_ap=20001&ns_st_dap=20001&ns_st_et=20001&ns_st_det=20001&ns_st_upc=20001&ns_st_dupc=20001&ns_st_iupc=10000&ns_st_upa=20001&ns_st_dupa=20001&ns_st_iupa=10000&ns_st_lpc=20001&ns_st_dlpc=20001&ns_st_lpa=20001&ns_st_dlpa=20001&ns_st_pa=20001&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1617535109057&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Entertainment&ns_st_st=*null&ns_st_ce=1&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=floor8&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&c8=Inside%20the%20HQ%20of%20the%20Chinese%20cyber%20ransom%20gang%20%7C%20Daily%20Mail%20Online&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:29 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
01f2e8x5gvhgrbdarr_audio_000000009.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		65 KB
66 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_audio_000000009.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e5e69290d5897979b5b2dd49c7826b916395adab928b2f65535af12cd078dc8d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8Be_9ZTG8rKK4MbbHilS41.ss1YPva.z
etag
"d30bbfe8b5f009a6060a87b25732fa88"
x-amz-request-id
DWN2P8SZB39S6D2F
akamai-mon-iucid-del
854168
content-length
66737
x-amz-id-2
R4R5gOZjYvMGjAi4sGwNBB1tVj4iJ8TMxB24U3x/Ggyv/2SSQf51txIzT6AFNrUMugt3vxjPe2g=
last-modified
Sun, 04 Apr 2021 11:05:38 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:31 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
MIA3-C4
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
gl6dSGvrK3-rDrLOv0rxI6gBkX2JTJV7hZFvX071ZA_E1ZTZTdeVdA==
01f2e8x5gvhgrbdarr_406p_000000009.mp4
vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/ 		255 KB
257 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vms-videos.minutemediaservices.com/01f2e8x5gvhgrbdarr/mpd/01f2e8x5gvhgrbdarr_406p_000000009.mp4
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
193d58524a4702a5369936bef2d650c2a98cc23d9a2344e7c774040199650b47

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
V2NwNOlBPovLLWJDYxH45SepMG8Mfnm8
etag
"7fd71db17aeb479ef40966bb888c57a9"
x-amz-request-id
DWN10ARR81FBS9AT
akamai-mon-iucid-del
854168
content-length
261476
x-amz-id-2
Pvbfra63J+jnXdoT1jK79J9YXF+LGJpMcyQNNHiHW2SBbfXZLkxt4OzeHE2F4BqRi7rR+Fbv14Y=
last-modified
Sun, 04 Apr 2021 11:05:38 GMT
server
AmazonS3
date
Sun, 04 Apr 2021 11:18:31 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST,OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials
true
x-amz-cf-pop
ORD52-C2
accept-ranges
bytes
access-control-allow-headers
origin,range,hdntl,hdnts
x-amz-cf-id
8aTvVBgy3_PpBzqcB5jliRyWMg79ndUq9hMZayq8oPsFlwLmeCqkmA==
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706985&noaop=3&sortOrderType=0&cb=1617535112319&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1056001&pt=-1041841066&tz=120&viewable=true&ddast=V7jrYCFgNA0QWPe6gwogRA0QWPe6gwogUAAAAGBuIHHLNasTar4XJBWw1Ws8FktltsdsPNZDTcbYbAMasVa7MaLhe01WA1G0xms8Vss1qNNpvdcAocwjL7fQcF5fT0mF0GUdH1ttgdTrPnIJmb3JCFptPhc93rdb_fXeRwmp1vh9Ns1_jtqq9f7vJ9_grL6ekxu9zK0WYzWe32SrrnaXK5hYy2hui0uzwvt8Z5cVnekofd83e7dQ67zy40vc12AAAAAHgAOJJOhfgBBACIAAAAAJAAAAAAoAio-LcQuAAAAADAACgQvdAAoOBY0N_TajdZXh6j6R8AAA8FIAAAAhgkAANqRyUAEgqJJwAAAAAAAAAALP____8xAHr8vzIAF3L9PQAPPgAPRAWHRYwAAAAApMwmEI8mdUJlUQUAQJBuBXAFABCAx6nZyhoGAAAwMLZAD4vfb3bYNX63ywAAAAAAAAAAzP7P_tGEmMKR0oAUH7nUfgEBANZ-AQEA2NQNAOBNAC7oCFoxGKxugCaL2QEAAADc_f___-uBiG25cg5Ho4ljY5hMBqORczZcTJwjz3CxME0WE--5HdZQWNN0ePVxCMvs9x0UlNPTY3YZREXX22J3OM2eg2Rust-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhxmJx2SYLh1thsfjWooVj4pbYFr61wjRZuIbLhWExsqxFr4_pN9tMViuTFwUDqPYiuEgnIofT7Hw7nGa35O-7iCWak0U6kV32Fdty5RyORhPHxjCZDEYj52y4mDhHnuFiYZosJv6OxeKyTRYOt8Ji8a1FC8fELbEtfGuFabJwDZcLw2JkWYteH9NvtpmsViZ_Y7bYrTarwXC1b8wWu9VmNRiu9h06w3f1ORtt0e65Y9I8tdWnSmY-KFwGi3ejWh3Hn8lBWjIbnT71clnUGf1-v9_v9_v9fr_foPUczAaF73n4C6eP5bkczkYPRkUsEZwu0onoZTxdxBLJ0yKdCFc2z2hhmTiXI4tjNDGNJsPVbDTcTSaj0cI2mUzEEqXpIp3o5S7f56-wnJ4es8utHG02k9Vur7R7niaXW-h4a4xOu8vzcmucF5flLXnYPX-3W-ew--xC09tsUf-xASdzxWAyVyznis1slQAAAAAAAAAAljBn3gQAAADgNJDJZrhYLRfgwWhP90fylViVvrN3968fn3MaOuWguPHjBnI4zc63w2l2S_6-KwM8GN0xb_ZMEGu1WtYAAAAC2AAAAAHcunkPWINOcg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1182345&dpubid=223815&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vB!srd_vI!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.2/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
baf688b4b126fe8fcc94c8757a91627ce68670a1d9d77e107fc14a6cdf2a63c5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:32 GMT
content-encoding
gzip
server
nginx
machineid
1468
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
480x270_MP4_3074978016943650634.mp4
video.dailymail.co.uk/video/mol/2021/04/02/3074978016943650634/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video.dailymail.co.uk/video/mol/2021/04/02/3074978016943650634/480x270_MP4_3074978016943650634.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 04 Apr 2021 11:18:32 GMT
last-modified
Fri, 02 Apr 2021 15:33:09 GMT
server
AkamaiNetStorage
etag
"09fc0f96783bf4760f8d31f97b852961:1617377589.084242"
content-type
video/mp4
Content-Range
bytes 0-1823210/1823211
accept-ranges
bytes
Content-Length
1823211
ads
pubads.g.doubleclick.net/gampad/ Frame E7AF 		20 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&hl=en&iu=%2F5765%2Fdm.chromelessvideo%2Fdm_dmnews_news%2Fmidroll&correlator=4385785736212819&cust_params=length%3D30%26videoWidth%3D401%26videoHeight%3D225%26play%3D1%26embed%3Dfalse%26ttid%3D3074978016943650634%26domain%3Ddailymail%26flyaway%3Dfalse%26s%3Doff%26videoTitle%3DWoman_opens_fire_on_store_clerk_inside_Bronx_bodega%26video%3DTwitter%26environment%3Dproduction%26pos%3Djw_midroll%26abv%3D4.1.48%26mvt%3Dpermutive_on%2Cuniversalid_on%2Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews%26adx_channel%3D5%26channel%3Dnews%26context%3Dic_5095749%2Cic_9577883%2Cic_3853860%2Cic_3274730%2Cic_1840023%2Cic_9954675%2Cic_3393155%2Cic_4709974%2Cic_1895745%2Cic_6086373%2Cic_9748287%2Cic_2781904%2Cic_4615970%2Cic_6525836%26categories%3D%26oov%3Dfalse%26sz%3D401x225&description_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9430839%2FWoman-shoots-New-York-City-deli-employee-calmly-leaving-store.html&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&scor=94833395266455&sz=401x225&vid=3074978016943650634&vpa=auto&vpmute=1&sdkv=h.3.448.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&u_so=l&ctv=0&mpt=videojs&mpv=4.12.15&sdki=44d&adk=2103365773&sdk_apis=2%2C8&sid=969BC4B7-3D46-4A59-8050-97FB5BB99698&eid=418572006&dlt=1617535083641&idt=3325&dt=1617535112541&cookie_enabled=1&ged=ve4_td29_tt28_pd29_la29000_er0.0.0.0_vi0.0.1200.1600_vp0_ts22_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
679a57f4fa6fa535f92878378829789e3fe109f5122a27fa35ebe34283007257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2867
x-xss-protection
0
google-lineitem-id
5082125689
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138272434639
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
8796417
ads.stickyadstv.com/vast/vpaid-adapter/ Frame E7AF 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/8796417?_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1b5686267b2db8a1a868716cd0bc6a4f1016e6d12672ac815781fce624081ed8

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:32 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1058
x-sticky-vk
1617535112919018-326
Expires
Sun, 04 Apr 2021 11:18:32 GMT
moatvideo.js
z.moatads.com/mailonlinejsvideo243552997523/ 		305 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonlinejsvideo243552997523/moatvideo.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5268b13e4083e880105c48eb2350799a7a73ccd3653d458d9e4296a7e8b59c06

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:33 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 15:22:10 GMT
server
AmazonS3
x-amz-request-id
HK1QV92RZ7EX09D3
etag
"1051cbd5c20edad7b3a7850582d9e21a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=4570
accept-ranges
bytes
content-length
104594
x-amz-id-2
c6An//c6neCIrsEZXV0CaVq/wp1Ma8lP70HG7q1nmS9ta2AjVYdYYOaMaU2S0dECzZIULkVELmg=
csi
csi.gstatic.com/ Frame E7AF 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kn32mqkf&c=5085426599155&slotId=2542713299577.5&qqid=CKiCsO675O8CFRODewodywsMaw&gqid=iKBpYJK0IvKy-gaD0KGACw&fb=ima-html5&sdkv=h.3.448.1&ppt=videojs&ppv=4.12.15&mrd=6&aab=1&itv=1&met.4=err.kn32mr1j&aec=901
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.448.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4004:806::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E7AF 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bv-AciKBpYKieI5OG7gPLl7DYBtSMpMBFAAAAEAEgyJaWHDgAWM_Tt42DBGC5-MeA3AGyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAf8BaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS05NDMzMjU3L0luc2lkZS1IUS1DaGluZXNlLWN5YmVyLXJhbnNvbS1nYW5nLmh0bWw_bnNfbWNoYW5uZWw9cnNzJm5zX2NhbXBhaWduPTE0OTAmaXRvPTE0OTAmX2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotOFVaMEpudk9VUFJxLXBoeXJ0UkZlb0QwaS13dzVTZE1MRVdSRHJXNVBsN0h6V2dFU1dsTjk3RGV5UE5PNWJncF94bTUzSmtobF9Hc3FfM1JFb2tZLWp4eXpjNDktmAKVA6kCJi8PjLY1tz7AAgLgAgDqAi8vNTc2NS9kbS5jaHJvbWVsZXNzdmlkZW8vZG1fZG1uZXdzX25ld3MvbWlkcm9sbPgCgdIekAPIBpgDjAaoAwHgBAHSBQYQ-aqs9xKQBgGgBiSoB-zVG6gH89EbqAeW2BvYBwDgBx7SCAkIgOGAEBABGB3YCAKACgWYCwGADAE&sigh=jODuVNlw_IM&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.448.1&vci=[CREATIVE_PLAYBACK]
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E7AF 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuErVcdWEzYdVI0qkFYmEVYB54aoDtYFK_abetb3lhrg6NZndvKJnIVroA3ju09b6MyQTS9ct-8mpEYLoZ0tPjrAd95VzT4-JqPatD45MhB7kYMrGr7hbOyJkJVbjvf55xRIF4GYwbfWQso6mNQiiaR3T9WADYCuSREbmT7XvA_PqNamUeQ1IKAj93SHP4_ppB1u2yWr9YfqKgU6YmULyMli0i_PWN-KuuIXI-c9BMpXP9zP9iedlZkxxmSpqQgdu1EuuV4ZNf26gTW6PJzGZYOs2-crPbb18tTgvvYrrxHUgAUFiWGU9Ff2jsyvOEaCtbx0XVpfRo79XkrpqLv4t6RhET41A&sig=Cg0ArKJSzMA1mIXMu_TeEAE&sdkv=h.3.448.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUwODIxMjU2ODkyDDEzODI3MjQzNDYzOUCuAgpmCAESE2Fkcy5zdGlja3lhZHN0di5jb20aC3N0aWNreUFEU3R2IAIqDXZwYWlkLWFkYXB0ZXIyDXZwYWlkLWFkYXB0ZXJAjwFSHSUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 2538 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 17:44:01 GMT
server
sffe
age
536
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18070
x-xss-protection
0
expires
Sun, 04 Apr 2021 11:24:37 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 2538 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1617535113.dop005.fr8.shc,1617535113.dop005.fr8.t,1617535113.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 2538 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1617535113460
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 04 Apr 2021 11:18:33 GMT
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1617535113.dop208.fr8.shc,1617535113.dop208.fr8.t,1617535113.cds212.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=efcb41f766e423299de3a9553f6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser....
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g003_6947260410467266399
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWZjYjQxZjc2NmU0MjMyOTlkZTNhOTU1M2Y2&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDkytRalD5wu2nLgUC6GCrM&google_cver=1&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YGmghgAAAK08BCkN&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=83ce027b-be10-4fc4-9ef4-f2c98d254386
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=1d6b6069-a088-4700-9eb9-9e7992c874df&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1057358974672962741
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACe207A00EAACqw35D4IA&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/efcb41f766e423299de3a9553f6&gdpr=0&gdpr_consent=?gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-wqRjEPhE2oO6hFy0UC3DvLzYBWcdMCaYHHmVO7LZ~A
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2347797517123900663
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 2538 		301 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=8796417&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1617535113461094-149
Expires
Sun, 04 Apr 2021 11:18:33 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2538 		67 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8796417&_fw_gdpr=1&_fw_gdpr_consent=&vav=9f1700e700d900f911030602731551b7&vaviv=c9475d3b032a8804b96f7c8ed3625a84&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&playerSize=445x250&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1617535113488025-345
Expires
Sun, 04 Apr 2021 11:18:33 GMT
user-matching
ads.stickyadstv.com/ Frame 2538 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=efcb41f766e423299de3a9553f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=efcb41f766e423299de3a9553f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=efcb41f766e423299de3a9553f6&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1617535113515053-128
Expires
Sun, 04 Apr 2021 11:18:33 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWZjYjQxZjc2NmU0MjMyOTlkZTNhOTU1M2Y2&gdpr=0&gdpr_consent=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWZjYjQxZjc2NmU0MjMyOTlkZTNhOTU1M2Y2&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZWZjYjQxZjc2NmU0MjMyOTlkZTNhOTU1M2Y2&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1617535113565023-414
Expires
Sun, 04 Apr 2021 11:18:33 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame E7AF 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bv-AciKBpYKieI5OG7gPLl7DYBtSMpMBFAAAAEAEgyJaWHDgAWM_Tt42DBGC5-MeA3AGyARN3d3cuZGFpbHltYWlsLmNvLnVrugELNDAxeDIyNV94bWzIAQXaAf8BaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL25ld3MvYXJ0aWNsZS05NDMzMjU3L0luc2lkZS1IUS1DaGluZXNlLWN5YmVyLXJhbnNvbS1nYW5nLmh0bWw_bnNfbWNoYW5uZWw9cnNzJm5zX2NhbXBhaWduPTE0OTAmaXRvPTE0OTAmX2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotOFVaMEpudk9VUFJxLXBoeXJ0UkZlb0QwaS13dzVTZE1MRVdSRHJXNVBsN0h6V2dFU1dsTjk3RGV5UE5PNWJncF94bTUzSmtobF9Hc3FfM1JFb2tZLWp4eXpjNDktmAKVA6kCJi8PjLY1tz7AAgLgAgDqAi8vNTc2NS9kbS5jaHJvbWVsZXNzdmlkZW8vZG1fZG1uZXdzX25ld3MvbWlkcm9sbPgCgdIekAPIBpgDjAaoAwHgBAHSBQYQ-aqs9xKQBgGgBiSoB-zVG6gH89EbqAeW2BvYBwDgBx7SCAkIgOGAEBABGB3YCAKACgWYCwGADAE&sigh=jODuVNlw_IM&label=videoplayfailed901&acvw=&sdkv=h.3.448.1&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUwODIxMjU2ODkyDDEzODI3MjQzNDYzOUCuAgprCAESE2Fkcy5zdGlja3lhZHN0di5jb20aC3N0aWNreUFEU3R2IAIqDXZwYWlkLWFkYXB0ZXIyDXZwYWlkLWFkYXB0ZXJAjwFSIhAEJQAAoEEoAToHdW5rbm93bkIHdW5rbm93bkjEBFAAYAEYAQ..
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		168 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
3b6f8a6960fd045954373458df9be6dcf1d8b449a21a119e1be66123e53a24f3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
Expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_player&cmd=bid&secure=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
cb382a96db0f4b97aabcb7a2d5b36ed9cf1aeca7b6f2f733cc645cf734300001

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
arj
mailonline-uk-d.openx.net/w/1.0/ 		172 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=297e266b-48ec-47f3-811c-2bb010602427%2C297e266b-48ec-47f3-811c-2bb010602427&nocache=1617535113659&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&ttduuid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&aus=300x250%7C300x250&divIds=mpu_player%2Cmpu_player&auid=541063092%2C541063092
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
ab93ac0e7b84ab8a1a01621cabe403ed345ebfa22d3a51c40b52b937f683edea

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:33 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		253 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=1694080&size_id=15&tpid_tdid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&eid_pubcid.org=0c92a29f-5391-4b15-873b-cf2bf278513b%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tg_i.area=news&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=297e266b-48ec-47f3-811c-2bb010602427&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.41750791723141845
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f6b328b9c07ccd7739a133ef43e6939bd8aee62eb73636324c67773a7bb288b9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
253
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid
02925e44-2c66-457d-a7bb-87afdc21e73c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		143 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=185&av=32&wv=4.13.0-mol-1&cb=57976647157
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9786890b61e44e5d33200ef97bdc95104d0c5bcc9f12574f325a64f3dc2cf2ae

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Apr 2021 11:18:32 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
147
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503172&v=7.2&r=%7B%22id%22%3A%223048b02e8e6cea64%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22305471c443f5a87d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503172%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223066cd7a34192d3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503172%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed51363ac2882d87546b523cd6913d8ccce5ba8a074d3e10d6757c80a2c4cbbe

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:33 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=13&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_player%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
af058bc0a949d80a2234f297e983e6fb3438a7f360daf4cdecd3d717ce047ea7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:33 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24
x-amz-cf-id
q39sUVpyR1FjenaaJpzgsb_FAu1KXPUJjOi7Hme3q5V42MHZEwkzRg==
events
bidder.criteo.com/csm/ 		0
149 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sun, 04 Apr 2021 11:18:33 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Apr 2021 11:18:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=635640543029996&correlator=4385785736212819&output=ldjh&impl=fif&hxva=1&scor=2922693054354394&eid=31060550%2C31060641%2C21068110%2C44739387&vrg=2021033001&ptt=17&sc=1&sfv=1-0-38&ecs=20210404&iu_parts=5765%2Cdailymail.uk%2Cdm_dmnews_newsart%2Cmpu_player&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=pos%3Dmpu_player%26adx_channel%3D8%26nobids%3Dtrue%26refreshCount%3D0%26offset%3D15.144843%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9433257%26environment%3Dproduction%26country%3Dde%26abv%3D4.1.48%26mvt%3Dpermutive_on%252Cuniversalid_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D4a88ed38-b846-4594-9d1e-9c40814a9669%26impid%3D628ab651-1dd3-4512-8536-c8d36fd9bec7%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26area%3Dnews%26subarea%3Dnews&cookie=ID%3D42aa889fc73a9377%3AT%3D1617535112%3AS%3DALNI_Mbz5eo-xcInyxzrUvEdn8cv9g-oOw&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1617535113812&dlt=1617535083641&idt=1494&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=13237621&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8H-6JjlQZ5J043oF6qd3u-GiW5X7rHw64WWlJG8oK929oJF3vQ7cCAN5FIXwaB3Henq-ov2nl6N-GJA36Xti1LlS2ubXTWnWShpA%2CAGkb-H8SfDhFDKrGiW8nHBl-3iyGvjftnDm6yCDiKLR_iBsjkeDdT3vgeWYN1D_l2NtSL9xFOjNtXBWNuOuj8pYYkR4f6nnVf50%2CAGkb-H-YfcCHR14BaMIClvHZMP9xreout139UttyeuMfel7Bk-4uq1huB43r2f-dkbgPtEGVimQahSs777aBleVFXbErrdDS0OM&ga_vid=963463219.1617535085&ga_sid=1617535085&ga_hid=785477306&ga_fc=false&fws=644&ohw=445
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021033001.js?31060641
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
186ddea0886c076453794622ab9eab92e24e5220ada6a12432d5cc0a87304044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Apr 2021 11:18:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.dailymail.co.uk&rs=www.dailymail.co.uk&sid=91585&t=1617535088&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=432&he=244&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1617535088521-990053573371-020698-010-000039&cha=0.05&cb=99152827282&cd4=c71865c8-cc30-4710-adc9-eea1c225ebac&cd6=100&cd7=main&d9=1000&AV_WIDTH=432&AV_HEIGHT=244&nid=56ea678d181f46c76f8b45fb&ncid=5fabf6ba51757f2075197397&e=request&cb=1617535113966&asid=5ff1826de52e2f2dd148e0f4&ofpr=3.5&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.84.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/217532/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/217532/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.dailymail.co.uk
Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:33 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=dados
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=7e7ce3cb-9537-11eb-900d-1f6fc1870506
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=7e7ce3cb-9537-11eb-900d-1f6fc1870506
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sun, 04 Apr 2021 11:18:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
32
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 04 Apr 2021 11:18:34 GMT
Server
nginx
Location
/partner?source=dados&__user_check__=1&sync_id=7e7ce3cb-9537-11eb-900d-1f6fc1870506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
10
Connection
keep-alive
Content-Length
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		162 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
47620b1c1953d23294388bd291afe505ecce08b0a954853bd0daebae721362ae

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:34 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
162
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
79f7e149cb98d9faaac0cd52ac620ab81a6401634257ca1a4bec050ddfb45fa4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:34 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
avjp
mailonline-uk-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c1407be1-68a2-4964-9616-2b73f49124f7&nocache=1617535114268&pubcid=0c92a29f-5391-4b15-873b-cf2bf278513b&ttduuid=d3c183c2-5a9d-47f7-97d9-0438c0ee3ed7&auid=540675388&vwd=401&vht=225
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:34 GMT
via
1.1 google
server
OXGW/16.205.50
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=293354&v=8.1&r=%7B%22id%22%3A%223185c24132bb3114%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22319811ac2ca30c09%22%2C%22ext%22%3A%7B%22siteID%22%3A%22293354%22%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22w%22%3A401%2C%22h%22%3A225%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88f6dd2db19103f5c7850258d911d6216bcbc9dfda6f63024627059dd82025ba

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sun, 04 Apr 2021 11:18:34 GMT
auction
tlx.3lift.com/header/ 		19 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&tmax=1500
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.225.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-225-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Apr 2021 11:18:34 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Apr 2021 11:18:34 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.154:80
AN-X-Request-Uuid
3dbc4503-7779-4d45-906f-504064fd4ad4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		24 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9433257%2FInside-HQ-Chinese-cyber-ransom-gang.html%3Fns_mchannel%3Drss%26ns_campaign%3D1490%26ito%3D1490%26_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM&pid=d9XvekBfspNgN&cb=14&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22irisid%22%3A%22iris_08146183cd00af92%22%2C%22pubcid%22%3A%224380509870%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
36a74661dfb652c289dd3bdccf3c31dc9ba453a328a4318aa72a34f1454f0842

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Apr 2021 11:18:34 GMT
via
1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24
x-amz-cf-id
PlHuxzLtUTVJ5WJGv9hu3USawayV0zO3Kle3BmpnqvN8zVaBE0ipWw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F167%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
klkstrm.kargo.com
URL
https://klkstrm.kargo.com/event/boot
Domain
klkstrm.kargo.com
URL
https://klkstrm.kargo.com/event/sync-success
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qx06VAJE2oPENwXIGDpYx4OxqWbw3khPh2GX0ATL~A
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?ptv=106&profileId=185&av=32&wv=4.13.0-mol-1&cb=28370012459
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=2347797517123900663
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Verdicts & Comments Add Verdict or Comment

404 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| disableAds object| PageCriteria string| PUSHLY_DOMAIN_KEY boolean| useGpt boolean| ANDDebugOn string| s_account string| s_account15 boolean| haveRenderedSponsoredPollOnPage boolean| useRtp string| twitterVia string| adReferrer string| adType string| dartSiteId string| adAreaSiteId string| adAreaId string| adSubareaId string| adPageType string| adContent string| adSection string| adArticleId string| adEnvironment boolean| enableAds object| webVitals object| RTA function| setImmediate function| clearImmediate object| regeneratorRuntime number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_Media function| s_gi function| s_pgicq object| s_c_il number| s_c_in object| DM object| _ object| MobileUtils string| searchTerms object| dm string| refererHost undefined| docReferrerHostMatches undefined| docReferrerHost object| pagemeta string| feTag object| s_i_anddailymailprod string| molMVTest object| adListLoader object| adsDescriptions object| adsRenderer object| DfpServer object| adsTrackers object| AdIntegrator object| AdBehaviour object| AdImpression function| AdEvents function| openAdsControlPanel object| permutive object| googletag object| pubcid_options object| _tfa object| adsmtag object| __gcp object| pbjs object| _pbjsGlobals object| Criteo string| currentChannelTwitterFollow string| inlineModules object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| _gaq string| articleShortUrl object| _taboola object| Ext string| id function| $ function| jQuery object| PublisherCommonId object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| ggeac object| hulk boolean| apstagLOADED object| apstag function| IrisContextAPI object| IrisContextGlobal object| _fbq function| _typeof object| TFASC object| TRC number| taboola_view_id object| TRCImpl function| __trcError boolean| DotMetricsInitScript function| setKargoCookieClickthrough function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| _gat object| gaGlobal object| _tblConsole undefined| msg function| monti object| voltax object| dataLayer object| monetizationEventsReporter function| dispatchComscoreLoadedEvent object| $$mm-analytics object| closure_lm_665431 object| adsm function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| google_tag_manager function| __onGCastApiAvailable object| shaka boolean| CLOSURE_NO_DEPS object| SpotX object| google_tag_data string| GoogleAnalyticsObject function| ga object| omid object| closure_lm_800368 object| ns_ object| muxjs object| FFF object| gaplugins object| gaData object| adBlockQueue object| ABE object| DMS function| emailArticle function| postToDiggit function| postToFark function| postToFB function| postToLinkedIn function| postToPinterest function| postToReddit function| postToTWTTR function| ArticlePage object| DMArticleDefer object| DMDefer function| videojs object| pkcs7 object| Mustache object| TINY object| FFFOverlayHelpers object| s function| submitReportAbuseFunction undefined| initialData object| DotMetricsSettings string| nam object| placementData undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA undefined| ad object| Kargo object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| cmTag object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _cm_wfCounters string| lastWfUrl object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager undefined| define function| startCMTagMain object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 string| pbPageIdentifier object| __EXCO object| _moatApi7242854 object| closure_lm_344460 number| BOOMR_onload object| GoogleGcLKhOms string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist function| webpackHotUpdate string| vpaidId function| OvaMediaPlayer object| google_image_requests

18 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8770401214796418885&KRTB&23263-8770401214796418885
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-ca33fd27-d505-467f-9f68-2b4d5fdee6f4&KRTB&22918-ca33fd27-d505-467f-9f68-2b4d5fdee6f4&KRTB&23031-ca33fd27-d505-467f-9f68-2b4d5fdee6f4
.pubmatic.com/ Name: PugT
Value: 1617535101
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:558a6069-a075-4100-b54e-e6d81ed65afe&KRTB&16736-uid:558a6069-a075-4100-b54e-e6d81ed65afe&KRTB&23019-uid:558a6069-a075-4100-b54e-e6d81ed65afe&KRTB&23114-uid:558a6069-a075-4100-b54e-e6d81ed65afe
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9110328642663396958
.pubmatic.com/ Name: PUBMDCID
Value: 3
.3lift.com/ Name: tluid
Value: 1455907060129918838
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOSEk9t4VYTzke6tvL3uqAM&KRTB&22987-CAESEOSEk9t4VYTzke6tvL3uqAM&KRTB&23025-CAESEOSEk9t4VYTzke6tvL3uqAM
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4067890039530243391
.casalemedia.com/ Name: CMST
Value: YGmgemBpoHoA
.openx.net/ Name: i
Value: 992a031a-932e-4949-9b61-11c15dea7b31|1617535097
.casalemedia.com/ Name: CMRUM3
Value: 396069a07a2760875739025642716504
.casalemedia.com/ Name: CMPS
Value: 1132
.casalemedia.com/ Name: CMPRO
Value: 1132
.dailymail.co.uk/ Name: RT
Value: "z=1&dm=dailymail.co.uk&si=bbc7c5cd-13af-4ae0-bd9b-9f51c2a2c09c&ss=kn32mhx7&sl=1&tt=eee&bcn=%2F%2F685b3918.akstat.io%2F&ld=ef4"
.casalemedia.com/ Name: CMID
Value: YGmgeuhqRTQcp8NGIbI6RwAA
.dailymail.co.uk/ Name: bm_sv
Value: 3BB5DD015B9D434ABCA3D6A414FBD157~g6wId8v6GfuwSZQYJmANbBxfmSkjhKRwMbqvskcupithQRylqaRMYAsgELW6t9xBhB+BheRqX0JeaHbdcoLOYPn9ew6D8AY6o8vMDYOkDx3ltk35MJX3nZ49Bkg5V4pxdIC4ialtN2F11TW12XT4ky4gweVTAovY0HXl227xe58=
.dailymail.co.uk/ Name: ak_bmsc
Value: 005022740C97F39EE82B4FC26494F652687E2464ED5B000079A069601643A450~pl+xM31cSSj+zQG4IPpsA8Ycc6rFiL2AKz3B90sBsqz98adeielxhYNe7H//e1xG0Wi9ghDZ9+R3mrBBQ+lLVV91KB4iL8Nw0/9SFJAmna7z1RjonVywtQAKw3BZgm3tEhtqyLJRlKo6UNs4szfr5n1d+k1grNlG9p8HilId8DrGCFqYgzHQJVBy4Ws2JJ2eFXbTCWd3WZ4gTnR/CHtrPGIlZKTuo2cH/mN6prTASTP67ex4oVtiYLSIR21ENVmzFu

54 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VW9HC37sQLfSW8f6NNZ5f3xZGW50jS-p4p-LXhN8fXWCp2-Hx1V1-WJV7CgGFMW686NVR4cj-nxW4sw2Kj6DG3pFW6M4kKb6cv6yFW3Qf74g1xTvWrVVP0ZV51xnyhW7YM2Td59pbrMVG8jj188WwBvW3F8X4f31D5k_W2fP6ss8Fg8h4W1X0b9_7DCp6PW4W8J7d4p_gpVW2RGx3k91_4pgN8ll1_9DrdfZW910KJT55wZS7W5JnZ315FNLGVW1m62-V3pK49HW6k_Rc-3r3xVdW5qYjfg2gGg8CW8vfRJZ3nLBk0W6Ck2Tb3YcvsbW633FJ08xnT9RW1t7CTY4qtS6WW95dkVJ7kdpSSW1V_ljY8MqSkrW5c4w0H2hhcJJV_XM1C2YTNKvW483rtb179-y3W35n9HF8zYt3gVjYX746Z43y6W46_jxR57PlCP38sY1(Line 13)
Message:
toS
console-api info URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.js(Line 1)
Message:
Current log level: ERROR
console-api error URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.js(Line 8)
Message:
[mol-fe] ERROR: Error reinforcing cookies TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
unabled to parse repromptVersion
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
Error calling pluginSetup on plugin 'tcfv2': TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
Error initializing plugin "paidSessions": TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
Error initializing plugin "abe.conversion": TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
Error initializing plugin "analytics.cacheIndication": TypeError: Cannot read property 'getItem' of null
console-api log URL: https://ovp.iris.tv/libs/context/iris-context.min.js(Line 1)
Message:
[Iris Context API] v1.0.5
console-api warning URL: https://cdn.permutive.com/5f42864d-a421-4f37-9478-00266f871d68-web.js(Line 1)
Message:
Permutive was not initialized. localStorage not supported
console-api debug URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js(Line 739)
Message:
EmeEncryptionSchemePolyfill: Waiting to detect encryptionScheme support.
console-api debug URL: https://ajax.googleapis.com/ajax/libs/shaka-player/3.0.8/shaka-player.compiled.js(Line 744)
Message:
McEncryptionSchemePolyfill: Waiting to detect encryptionScheme support.
console-api error URL: https://www.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.12.2/desktop.js(Line 8)
Message:
[mol-fe] ERROR: Error initialising windows notification widget ReferenceError: Notification is not defined
console-api log URL: https://ovp.iris.tv/libs/context/iris-context.min.js(Line 1)
Message:
[Iris] Not able to get video info because platform_id is empty undefined
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api warning URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js(Line 1)
Message:
Could not create local storage item TypeError: Cannot read property 'setItem' of null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
console-api info URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3(Line 6)
Message:
[exco-log] - 4/4/2021, 1:18:07 PM: logger - enabled
console-api warning URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3(Line 6)
Message:
[exco-log] - 4/4/2021, 1:18:07 PM: queryParams targeting was not met
console-api warning URL: https://player.ex.co/player/29d99919-081e-472b-b98e-ef8e991ea6b3(Line 6)
Message:
[exco-log] - 4/4/2021, 1:18:07 PM: queryParams targeting was not met
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.dailymail.co.uk/news/article-9433257/Inside-HQ-Chinese-cyber-ransom-gang.html?ns_mchannel=rss&ns_campaign=1490&ito=1490&_hsmi=88974744&_hsenc=p2ANqtz-8UZ0JnvOUPRq-phyrtRFeoD0i-ww5SdMLEWRDrW5Pl7HzWgESWlN97DeyPNO5bgp_xm53Jkhl_Gsq_3REokY-jxyzc49-kwUvxwV7h2h-IFaRBMSM
console-api warning URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61)
Message:
13:18:14,493 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 6)
Message:
### Video ads error [object Object]
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'setItem' of null
console-api warning URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61)
Message:
13:18:33,458 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api error URL: https://www.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 6)
Message:
### Video ads error [object Object]
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://www.dailymail.co.uk/static/mol-adverts/4.1.48/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
685b3918.akstat.io
a.teads.tv
aa.agkn.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aka.spotxcdn.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
assets.mm-syringe.com
atrack.avplayer.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
bttrack.com
bucket1.mm-syringe.com
c.amazon-adsystem.com
c.bing.com
c.go-mpulse.net
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cd32f34bb612852e9ea5161e8650c4b1.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.permutive.com
cdn.playbuzz.com
cdn.stickyadstv.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
context.iris.tv
crb.kargo.com
creative.dailymail.co.uk
crta.dailymail.co.uk
csi.gstatic.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fff.dailymail.co.uk
fonts.googleapis.com
fonts.gstatic.com
github-releases.githubusercontent.com
github.com
google-analytics.com
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
hulkprod.anm.co.uk
i.dailymail.co.uk
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
info.silobreaker.com
js-sec.indexww.com
js.spotx.tv
klkstrm.kargo.com
krk.kargo.com
macro.adnami.io
mailonline-uk-d.openx.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mcd.ex.co
mfad.inskinad.com
ml314.com
mwzeom.zeotap.com
odr.mookie1.com
ovp.iris.tv
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playbuzzltd-d.openx.net
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.adnxs.com
premiumsrv.aniview.com
pubads.g.doubleclick.net
px.moatads.com
px.owneriq.net
r.scoota.co
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.c.appier.net
s.go-mpulse.net
s0.2mdn.net
sak.userreport.com
sb.scorecardresearch.com
scripts.dailymail.co.uk
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secured.dailymail.co.uk
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage.cloud.kargo.com
swa.and.co.uk
sync-t1.taboola.com
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.sxp.smartclip.net
sync.taboola.com
t.dailymail.co.uk
taboola-supply-partners.tremorhub.com
tag.1rx.io
tags.bluekai.com
ted.dailymail.co.uk
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
uk-script.dotmetrics.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
video.dailymail.co.uk
vidstat.taboola.com
visitor.fiftyt.com
vms-videos.minutemediaservices.com
wf.taboola.com
www.dailymail.co.uk
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newzit.com
www.oo-syringe.com
x.bidswitch.net
z.moatads.com
ads.adaptv.advertising.com
ads.stickyadstv.com
bidder.criteo.com
klkstrm.kargo.com
pixel.tapad.com
104.111.230.142
104.111.238.139
104.111.242.53
104.19.149.54
13.226.158.204
13.226.159.34
13.226.159.83
13.32.25.65
134.209.129.254
140.82.121.3
141.226.224.32
141.226.228.48
142.250.185.226
151.101.114.137
151.101.13.44
151.101.14.49
159.253.128.188
169.197.150.7
172.105.199.172
172.217.18.98
174.137.133.49
178.250.0.163
178.250.2.131
18.133.35.94
18.157.138.23
18.158.206.137
18.158.85.202
18.159.16.69
18.185.167.149
18.194.113.221
18.195.155.181
18.195.223.2
18.195.225.18
18.195.240.234
18.198.141.227
18.202.255.125
184.30.212.16
184.31.84.150
185.183.112.148
185.199.111.154
185.255.84.151
185.29.133.208
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.139.89
185.94.180.123
185.94.180.126
185.94.180.128
192.132.33.46
193.0.160.128
198.148.27.140
199.60.103.2
2.16.107.83
2.16.186.146
2.16.186.25
2.16.186.27
2.16.186.40
2.18.232.130
2.18.232.234
2.18.232.7
2.18.233.13
2.18.233.180
2.18.234.21
2.18.234.233
2.18.235.40
2001:4de0:ac19::1:b:1b
2001:678:cb4:bbbb::11
213.155.156.168
213.19.147.210
213.19.162.51
23.79.152.128
2600:1f18:612b:4200:ae67:61d5:5bef:8e79
2600:9000:206f:8c00:8:5c85:cdc0:93a1
2600:9000:2182:9600:15:d134:4e40:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:ad1
2606:4700::6812:4ba
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2800:3f0:4004:806::2003
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c1b::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:64::214:846e
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00:2a6::16c2
2a02:26f0:6c00::210:bab8
2a02:26f0:6c00::210:bb72
2a02:26f0:7100:2ab::16c2
2a02:26f0:7100:2b0::16c2
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
3.123.96.39
3.124.46.162
3.126.56.137
3.126.63.176
3.91.110.183
34.204.22.100
34.234.142.36
34.241.183.220
34.98.67.61
35.157.246.167
35.158.19.244
35.181.18.61
35.186.253.211
35.201.96.126
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.39
37.252.161.190
37.252.172.37
37.252.172.38
51.178.20.140
52.211.195.119
52.215.39.23
52.45.11.130
52.49.59.93
52.51.154.44
52.57.128.70
54.194.226.253
54.204.142.198
54.225.88.36
54.234.77.96
54.236.84.15
54.239.17.112
54.36.109.46
54.82.47.56
54.83.155.67
63.251.232.170
66.155.71.25
69.173.144.165
70.42.32.95
72.251.249.14
77.243.60.138
01ae4bee7f4b463778e1e929d83b4eedcaf598d05ae8e748030259b5b5f0b083
0315752edc64489c4616949b4511b7fd8bcdf2148e64a5f0f9c3a7244d5cad30
03482ceb4519a7706406f47e5992b55e9e5974abd56c45af482a7e1a09d836e6
04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f
04f8b162a211c2895b0efe7116a6784e3cbe5066a7bd0d15fd4e94708832a85d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
055b8013783b742462dfbe24990962bb2c49548451953c3a56a0c54d5dd076d8
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc
0683c596082cc534e1053cc24ac2a420e0a0748f9f21ad59a97a0e5869df2a2f
06b867a218a1e78ca8f45eabd695546cb53e3e2a560f25075cdcbefe95b338ba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d487faf6598c550b1a11b5885d6edd64becaba93a0cd4a584318587fbbade2
0857f5bcedfa2730388687f01ab29745e3966535f94824b3b7184f39d11e8535
08cbadc6957dd17b23964ba5763146e595ce4be96dbbb12f297909b1f70eff25
092998032590dade76e99c29a4827afaed00184b423d40a67fbe6594e857e589
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a9cf5469d2f5bb2df25f03326c396cfff7973769d710b13136895de7646213e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7e7d1bedae2fca5895468c68d7a3f06c5fa573a19fbdc1ea4da51441d59458
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf60782546bae441a6ce4783c2169777d728af37759e9805acbdaa48122cf36
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c0d3b58108bc05d9f3405648f97898f2f97c9e1baa4da97e76d66118a8dbf01
0c6fea22bf52f9e1d41ebb8a9196e44a48712f944e26f1eaceb9c3bf705794f1
0c7912ff68380c2a84d28cf812215fb6d230d5750f9f67b328970e01d0da5a37
0cb8919e24a159da4c88949996d4d75c46c9b74ddf8b8d8eb397dfdf4b02957b
0cfc55d698f3e53876435b6fd603c29e1f8a4d8b7183829f01820781cf115884
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0df474e48707b28278d81205847fae75d40cf513fda5e4809a994a83e456edad
0df622b080094d3402f87b5cb36b85a177c20f919c3ba8e31157a80095a685ce
0ef8411501eb4144cee27cad2570efaec5c834e01e885623afc8951dbca7b56f
10d217fc2d14b793dd2acba83780093ff88896b4433f7eb36bfc4a220f78350f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
11afb41e206dd6ec196ba00e38057ec164bebfd5f7b7618da7591581368f3cc8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13eaa370f2ff74eb34920d3eeb7b6c55bdc71bb32fc5f6fbeea2e88c623dd4ba
144798287486de761bf37f93e9cc80633d813fcd056dff39214248d76f7ff0d4
14c06cb1aa5319f9fcd028cbd042f4f375fae511f8f584a6cbb959c99f0e6f9e
14ef26c6f8220a3f50d166386ea7ae97fddafc3748cf03be9655639300c3f5ca
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
151b95232ed826cb2a868f20fd4d001853e6a3de976ceeb0b5eef976626271b3
15eec323fa35b2e0463f42bbeb518c6e938ba98c0986bab9b4bcd70f52c86719
15f3f6d7d2640a1b585b931433b3a6e3f258b2f3e0cdea5bf2f644c5dc520851
164e1863b91217a10d365bcae23ec66d4973b1426c15ac8f6dc39c45fb85a288
16b895ebb88f0c49d8686ec799ba42cc70e7a41e71350d984587b3fdd46a4fbb
17246a32f2ac24f44938610240902d157ddc7687a13a12e42ad4eae9e0c2da4e
18664fd6c1aec7556973ea082d86763210a9aff4734bcbe909b6516ca9edf145
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186ddea0886c076453794622ab9eab92e24e5220ada6a12432d5cc0a87304044
192a83dad0e3189c6b0c1b05936ab552ad63575130a1b23735f132e1796eb32c
193d58524a4702a5369936bef2d650c2a98cc23d9a2344e7c774040199650b47
1afd24017bd33359d395870b56ee7f6eae364be65814bbabde43f8c17ff19af3
1b5686267b2db8a1a868716cd0bc6a4f1016e6d12672ac815781fce624081ed8
1b7347be748b15ded4400f4bcb2bbfd25772f5c3dd05eb78abfdab8d34cd1a1f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d188cadb253c70a5a87ebdcea65f7407044606b5c4cf2ca9891970161aa9232
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1e20ec535cfeccaee25513877a0bed3cb33a988a2e27b4e0bf6ff6a206daa783
1e2512ffab2a6f12181cbb3434c114a16ccc6ab3b4863035bc9a540d35450ef2
1f6053246a777a7c3bc9cb967df3ca25581cd7bf8858fdb9e1a53c4d12db8538
1fa1ee6b20ea378058e4f8267ab158f8a07214d39e2a98d600783f7ffc026ad2
1ff6b77df58945bb220e06384bee1aa5748c34136f5e4305e48494bf97508736
2082a8d84c8d27a07801a23beb6a1647f18397bbcb66f4c218572eecae5bd63e
20b8a16c955e7bcab455388b9870c44f09d2cacf74d6ba625aeca757d76db531
20db5d28bdc3307dd5ecdd10d2b4ec5f784b06b4c8a19104ff505d1176c80e36
219268357365f92e55111847e137f1871e7ab7920a30fb68288e4df7c8821e78
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
248ccb60ff73ec7c27ca22bbfe068770600c60bfc1cf44155fd2b77859d4e9de
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2529329a0e5bf1d4c5ffd283b873ca443899a23711a2bf54a859da03dcdedb5a
25cef1bdad735ed734b1eda13d68d8f6fa488377ea9a113c64b79e855fd7d670
26352e7aa0979f5e5a13c11ee8955a5babfd0f93870eb68f41b93be02f30339e
26ff01af76420d9388b57e256db53d0d7100d7845312ff310bbd99aeaef15b1d
27a7413329567de39a9388c3dac0592e38a98c94e88be99e7d782e06de197e5e
27da2423b49bb99641a10b7f642b6d1386e41d1d9540108fe21f85b62d8bf735
289f1a0c0a0b14b67010f80452ec675389621fd84469c93a0200def90a903704
28dbb73afe4e6cf6a041a7f01f257aea82db2919d937c3b40eac5f87284c76de
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29d4edb1aa04c485c8842d46c1a75b4f27edf7fb88a9ba8e229cb3285a610a12
2a2d04bb04d52ca53c1aaf2f8de8574e929f1136e08c828f36bfe0b03d588835
2a705f03f8484b84122e2a86b2b2d9c68d27e5b3030ffb0602f3b104ad16d9c6
2b050949cc97e2bcf1180a8e4afb0b29eae683e49b7233e31863d5edda16df5d
2c3cf8ed53e22fad784b7e01f9977e15c4d209c985db918ed120f4542c755b01
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7ac1b05d3a0e1951a4b9c99237993e39ac7b1f4f2c74f4bd6b45b7955ac8c4
2e7c46dbf85b911665745279eaa228d38479f4a6c381082010e79e1f5b81d2fa
2eb96017523f81414057cd913910d3cf7280865a78fbfec612f9695a710d2f61
2edccccd61b8e78c3897a5fd222f87227e738553c54634a42ef4ecdb81e54ad6
2eed9b7c16402eac9ec64a4ab267b9bb55c1f3c8bff146eadf9eb792217f1298
2f1939e0b4365904c263ac785c9caefbe9d989d803f88463c0b33bf43654352a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f59ac8dad7d832c75edc7cf917c512a3788d03ce0862b38c1bfccc54eb01d10
2f8dac6610f3f5722e1dd80b467ddc23575d6b4928975ae9957281b22d816c85
30121d06bce080935da9264df11e5ee42995b4924839f9a8f026ef85aa895776
309aa1253b3ca616de2b8348ed92b0b652482cd56e13fd747123a5d1714b6a66
31000b06ee62a605901856b6cec757f1695bcbeb232df0f2b22107d811937737
3165cad5dd8b4fe35d604b9e61919d52281d3d8f76bccf9f03d996bba4aa9a18
329d274904467d456241a8804b9f7dac884d1a6585db385e1d94b657b24eaf65
3381376497b5b338f301a29f4b399d81331e55a568f02df5db466149e5826f13
3405f706032b7ca04d1c19b138cc10afaa2cf331757609a1ad4a68784c93e041
35c6535802e0856df320a0206ccd5dae30a2c5b25f36bafc4402c30db53bb0da
35d87cdd68ea27d92f1e2b445f2252653d88f5589aefd7a352a26e7d384454c7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b
36a74661dfb652c289dd3bdccf3c31dc9ba453a328a4318aa72a34f1454f0842
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a1e21578f9b56d168f68181d4488d7a3c98a5463f7feac235c8d1e55bd467fb
3a962caddba7c7a696505c99c92f4097a26c8daac24ac3a964233f2e65f20dd2
3b6f8a6960fd045954373458df9be6dcf1d8b449a21a119e1be66123e53a24f3
3b75f6e93a461b38db8a4f7f230cd6739a2ac0c090320eddfd439edaa370353e
3c2bb1edc83db7e01b582f07603b904542b02338f03433c0fd7e907d7fef1369
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7a27ba2b73057a2b547ee08a40431a241d0438de742e5f525c909ec097ac60
3f902ad29ddb82f3c70d61cf7b22284bda74bb3281f964e93d059e91a0a05571
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4041a3a57fc3b0262e107e54645fde937813c7111fa338a3d582274b8818e202
40ce35da02472502946f52bd3a4606bac134e84b742dd5e2806fe4c3d6b29a5d
41704d63fe713fce52941fba264ff01d5e370be6dbdfea89a8f12ce9d48bfa9e
421c4659e20aac02c9cd2e70c4d6ff06351ffcdbc8d2eee621841c6a5b825293
42a2b558fbd52d501c1145ae5b3c71f5b94d104e8d7836e7b31cdef8fef42795
435bfd2298310eb82d20743c88f633bdf70633bfae20c394dd526a79ddefa566
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4423d5740cc0bb1e055fabdb4a0b7eade7205cf148fcf5a0e752f6cbacb1cf96
44633ed4eb5ded912809e94bfce297e2a99b6f4047d473c9b216e5c1bbc82ac2
45098e04b5e6f9b032cfbd1c553f5d71b22b547cd1b96830b5818d3ead0d889d
452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad
465fe72514f81fccb7dc41806add85abf16d815f3a3831ceca98bb85475e1d4f
4717410c1ef684a572d4662c8bc6860a753e6ea7e9640d699c4f2a0e4d08c9e2
47620b1c1953d23294388bd291afe505ecce08b0a954853bd0daebae721362ae
4763b30256d1f825892cb24018bbe370d429351e5bb0ee3816c142a2d305f393
47a7925807b2cc60acb03f39881a4fe0b4973e34619325d9ff10227cfa0a5859
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b306819283c71992ab669150574eb8f7aa3f617f551cdddb8731b76d83cc5a
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49940f9cafa5d71545bf846b00f35301e58855c4de541521f8c764e18ad8e211
4a5eddf1b797d631d5060a9bf443483a1a7e410c0edc607e08634265b81d0266
4a7ece3834a5fea83bbb71e079cd3e0f9a9872844bb37941b2f73fd303f94db6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
4c1ca89e42ba013b242b5da0e45ca034562ac4c51bebbd7c1216f6bd9242eec3
4c3cce7c2373fc4acb18cddf35cb7c8b28fea5e8ba592c520168c79a05cdb7b4
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cc50fd2d13d1ed3233132174a770885113cd4957f6fcc8dcaa9e1daf44255a9
4cee1528c945640c0054ddfe277e7845d3d67fe9ecd999e2cedc82cfa98cc6c9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e89866ffba8b06a31d366ea9f6f5331f87fe29877bfce5381b78a46ddb7fd19
4ea8e09e539bcb4dfe00f2656f49182fc3d3748178bbdb2ae28e0cda31ec7be3
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd
4f2e894b7e3b50ebc842bf653792c63d598ac4b6345c279aaef7616a63f19341
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ffa160c3c98d65ac623bec9d6afee4a294f79da61d1b5248405f1dd0e726bc7
50434859133c202645fe2e1a75e65ecada69675501f31e4599c89a586727aeb1
5268b13e4083e880105c48eb2350799a7a73ccd3653d458d9e4296a7e8b59c06
52738b341a067420ac09b73046691052b0b5caaa5edd02e74304ea6581e2a2d2
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
52efd6959ae8fb441d9b7bce3624bcbda0b601316751028b16b31484124019c5
5330ed2d6835b215105836f934e85bbf925104785923c35d6dc77f540fa48736
53eeac6afb74c6a3b1aca65c7ec44883268d44023b4565eccdd8ee5a68db4e63
541c63ae81fe7799a19523dc8f2500646043eaa70d36985c3f2fc86264e4e71e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55813cc259063978ae7f1b5ea43cfbaf6857cd9f837cf06db5f4f3e015a4c86f
56f795b2b0ae20c787ea17895b7b3b39df0888e5cadcf5b25a68b5c89c6b2475
5887b03f44a197fcdc5400caec10de1c69f29619c1fdc868d4d461130e0f9efc
59b767baff012560cf16461d4a82a10342a673faf233989b773507becf4f4387
5a7dd2889e6c519d0f3cfbfbbc05dd4aa057ead85d54ca91b0c63fbf88fc5769
5ab9af57d90d12157852d8b61d7115f2617697fb8f5b0e749fe9b51ef3823add
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5c59b9fc4a087e1c846e061f0196541cb6729d80ee3bef29212edc89b03cc7d2
5d1196cde76ece95883b77dd9c7d2d0a7a863a2a476f1e44390e3a5682ef89f3
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e8aeb859e55a6671b89115d84e0fd7e5435ea99b3b49e7ebd3d4c22e41185e8
5e93d9274cd8eb2b7258d96da1cc9bf5edc24c691f29c65bff43383e9cdbb6d7
5e94a27b4db7728e8672d91ac7d8e64f9374a8a13c0eab19721f6d155884af1d
5ecfceed7951d0a23f2360d012cb571c62b8803d415e8b85b0a9d7e870d4b0ba
5f74a3da6c33974e2a47b60839dbe7d5b48961aaf69f6e769a9ab1cdbd6aff02
6099bc3bcfdfe836ff8db9fc52bd08c0d2a9a58d7b303bf30f032d2dd94cf8ef
60d0db45d9b98937b0fbefa6fd9c8d89f1fbe399e7ce8e27e3b1064adea27431
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
62675c01ca7a9e7af102c699f55fa970eee7f0106984839722e018e733744c03
62e5b5020499d0dbd26922152f199b559ee4922d9132b4242364edf88dc63121
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6
63c3f35eed8f9fae951373f4f0642d09521b1b86c8d3a6d679047bc5440790fb
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
66941faf7eaa7bc92af67e1c8cb977c059ecf224d2ba7c8c618e99fac5be099e
678cdb3292168129e37628ea8ea11505940d8d59ee1b532ec18b0cdd18ba390c
679a57f4fa6fa535f92878378829789e3fe109f5122a27fa35ebe34283007257
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68646f4f029507fb375a8a7e028f6decd531175ec09729fdf0e031cf09e46a8d
6900c79dc613cdfa5479f19fbc6888af11561bee2286c04b4af9de762a8705f2
6924aeec6e6de01dfd439327c170d8adc2f9dd8415e9903e3b24f2c3b6506389
692c21097fd1b5daabe6c434af68f948dd87daf295dda7baa28b787c3af18be2
6a4055df87fb1d7107976b40c27409f42d0e58278bd88e24e49109f09a8de14d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6c3aeb8d08d48ff373c1797490750f9b8c123e7576e2841d159464dd26ea32
6b8474a0f9c6b3c69e02409f7eeb8faa908b8b18e64fdf7cc88a9129585fc7c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc777a47ce56ac71b7f1d98c8f0dbaff8d7a0dd0fb2c56f49fae4b6f1ebdb10
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
7088fa340808f8e3f32dd6ee985f1585ac57d0147d4de29af1891eb5ec848a30
70d007dd5f9826526b468da7f681553e7ac87b51aa1e0b60341f1aaba6e6bf48
728c02f7231714bc38e7c69fdffa51497df077d95ef7215fbdcd0b411a156914
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7427a116d79e96b86d83e53a1008f2a7bdf70f5bef2f5756edb2da0c73519808
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7504050754ac1fd593813283aac0e61e8eb4de078ff0fea76d49b1a64898d954
75b42dbecde190e8796cc0e49f97119d019da0259de6dc0fed7965d2ad25ca18
75dca905ca700a6843470e7638fdf46281829d2da9508e0247e743602bac4fed
767b79788957dd1f873660ffc7046dfba0f5c9515b55056bffa8058ccfb89eac
76cbe151fcbdf1cc9783cf3852092b2d0d1c25f8b22cf082ae6db3d10b89754d
771fe9a11de7f4c7a3f476227ddf69271312103e574f03faf8ae440869ca961d
779ae77fde625f9424d17e5f1907631632e768d25f99e57336f9b33018e918c8
77f951b4aefa28403632bfc068196aaf2051e44078527250c041ad4930d4e186
7885fec7134d3115008170947698105b00a94fad9ef19a0f8fc4677d77bbcb25
79f7e149cb98d9faaac0cd52ac620ab81a6401634257ca1a4bec050ddfb45fa4
7a4aa2cd68b993e69b3802b0eba1e616c1dc5552b170fa186070f3d4452abf78
7a745591034534431b4e5e32815599cef3101631f9e6a9052a687d96dac1a3ea
7df87b3daca4afd3121f1e591f406b2e3394d6e33e033789b09df48a6f1f09a4
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe452b6d12b9a0f6d2c06daa3f67ae0faeb8d4710e7c31880fb73f7d616a81d
802971016cffe880fc38390c57c9e92dd4a59f87f218fcb38cf3410e0042dd46
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83466f2f78ebf105c76595f846c8f05b80f57e95ad6948d62d65bdd1fb8ff502
835f1dfc4109c578b77ba1b24a70cf3c07e73440aa65a94c329c29f763423bc5
843ca27aa5a55f23f36493f7a6c93bd16bae165e07e4be441ea45723b586eae2
85dbb85be92cd871f54f8cc28236e1c8393d8cacc0118a1f99764a6acbf8a527
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
888185188172a2632abc86263fca635537cbfff3aaa312a5055d825747b814d2
889540750e7ac30e8dd3afdf90ebcc13c9860a26309cefa4d8a92d319c8be010
88f6dd2db19103f5c7850258d911d6216bcbc9dfda6f63024627059dd82025ba
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1c30b6f5257e78acb2bf032ba7f732d2a4ad09eceb9787e7ed02fcbd31344f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
8f9584b90be33bd7c46ca2521386b57de0bf7094d3f2a56b5b44111fbd094c85
9025656e529d4cae4144388137739bbe819cdf38001361e727b808c4120aa1c8
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e
902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66
907faaea78c708b84c2f6b51c16b2e8ca140614b5b7feff50f0d5de6c43a2234
90aa84bceedb083457eaabf7698bd9e9c9772115382745a9f106e42eb59e43fe
91932887d85f4944ce6feb9351a5948c6d43ade45dbb79aa5f08ead188cc8c93
92e02a76c97c8243eac102e515943a3300c4014206ed2476419296fec46bcc4d
941c36edb9a6a43cca26d7fb1e92d0aff913058fba43469e5f8eb9b1a5c6fb8c
9437cb8c68b4f03aae1133849212324a38f4c3e73e03fc06c3bb84b10abd82ef
94788e3b5c932d7070014c95f02793ed287abf02f070d3ed1a2d2b1d95a75390
947d49c2f15dd40975160ab20c3e704132a1544d0e68938c15035b8a1ea82178
95d20f69c64fac35d400f760c1dae2f400193a28051dd44e51aa64ebb2bd04f9
965d8f580475533a5f086cc3d84c5b50b3dde5cde78959fb2a1261bcbc8e34e7
96be7178dd22326f3a84ba23f93fdc28120df5f8e1f47c370dfa0b6bf88e9927
96e9e83d53a7540b47e12c86c17e09914dd34a0c64f8d654f80c8a07fc03b802
97112f2d4a510f5083a4f99330889201be77a93a6e0bc3d2a3df33403fe23bd5
975ab5c9d745a844535ec7e7ee66e68277794e8b2b017b1030a783a995dce819
9786890b61e44e5d33200ef97bdc95104d0c5bcc9f12574f325a64f3dc2cf2ae
97acdc3bab97ff75b946ab8a172ceaefba5f82532ee80cd7d6f2496f71e01c7b
97f9eb3ea2fa356378693614e0cedd121e5c1e869c1d285105e0cbdcc97f8c61
981793c8e58a9ebc2fa825db3f2e1de282a682d2158238d497cca1af74844116
98800a09adb4ff6bcd87036a239509d390a12c58e5f2581409c328c52c4f29fb
990b8aed006156731e08e68ec85706ebcf592462536e4374fa58a57fdee1c055
9915cb993f478467f5553d1870d367d6a174337f6691e5298c26977c392d067c
9940d9992b9a24e644833706c56a5e19185d9fa302c334bfdd0199daa174f0e6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e232e7b99b23e9dcf0a54a487cc9d392c059106f69fa9a24bae774b00fb33d
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
9ae265cc609c0cd62f3958c4ea97b91fef8d7df10939e161d6511f61a5898f12
9b24fc5325cc8dd978b2b720723b9faa67d3f21f19f286dbe5b4949d1cebfe22
9c3636edc7b1f6f291561769e27142dcae52625356595b5f5d019454366e8a20
9d1d5c2e2cdf38c7149da592cea1a93063adb9ae11fbe311ce573034616cc021
9d57f50fd3260899ab36ce3d61ded63f87dcb0579353baa49e786c93c640cc6c
9d6ff7e69a19caa9c2930ec6978663da3b4a94d3422c1c286daa98e5cce1e74e
9d801fe6909c761e32320afe5cca8251ee6a166c6d3d330d2c4f4e02aeb233c3
9dff2251abbde2c57b87b8e340e8cc695637fa72f8ff311c61c37b97ec5810c1
9e70ca99df457e2c5aeeafbd48285b5b2fa74017ffa35f2075fa3987be6e89e3
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff1ec6a5c6cd2b6f8b9c7c384065d1c90be31f744aabe4a0ac4650352a63aa1
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08c3a22391793fb96692ebd33edb18d914f99eb0836bb4af5e4d84f1c34cef4
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a196984036a07f8eed2207ae1b7cd4bab6e6643d2d6e56c78d3f3f2033f1f71b
a248c60e250f1fc75ca7229090ca196bf899d02ebecf41ee33ff5a493b241827
a3f69777dc1f29882c9149b513ad5c5f748020328c8d8f4723a2ee32b8bccfe7
a4669faf24764bbb677af6cf1fe50f73e2e125835613085937ec06863dc31984
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a18f241b4b17ac2e37fb8311c9508ddaa29f6e285fbe1a5a18e18271b2c756
a4baed4a6c81e1ac045be6ea45b4b5ee9e7ecf47bb6b956800c3a835c79580c7
a65ec0cc625d44cf34b38c99fa3bc2b4cac27f68effb591912ff60b568621eb5
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73b07b79ef2a5fe195950c84b1b975ca213f8d8ed68d884513b36425e8109a5
a79dd18593631fce35ed3a979ea59cb8fac40208725cef4aa57f158c635a2712
a838acf609a93e659c81069a384000cdd7109135b397805a1aae918f29e82610
a9f2f84b95a2d0b69a5bcd711b41957c8e996d0f532db32c0d1bae12c5476c0e
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ab93ac0e7b84ab8a1a01621cabe403ed345ebfa22d3a51c40b52b937f683edea
ac1dcb1064d8b31b7fab840999b7ea92581887d54e605b51f6bcf8d8d162497d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acdb4b1e4aeaa24e8fb6b46e41a832000ccfb859c1d93dc3859a7d07ab09463a
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
aedf94ad839f3db31848e2b9659dd2b576b7047ea6638988aacfd782df9d8c8c
af058bc0a949d80a2234f297e983e6fb3438a7f360daf4cdecd3d717ce047ea7
afb9b2b40a988995096a16c1a07befc8d89ef46a30c036bbb20fe053da436c1a
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
b0381530c32a7581320b297e4a66b87edde1e171a143c9228e4dda38d0b19000
b0a9ac514283709cb85750e1a15f4ed549be7d0caa7711a70a3249d15538ac44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ca098a256cae2c393c7a8c24f12d8ea94842d151d6a04a826961525d5bfe84
b23739f36f89d58df38651cc70c506a592e9853410ad8b5c3f98f10ab59c9dfe
b2451067cf8b3c99e806115a529d93858bb253c6d78304d425f971d21a81278c
b24dcfa6fd675823a4ef30dc6f26788e36bd822a1e49bf00ae59da8a4d8cf23e
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b27cc2654c00d737f49cb68b74ba7893c151612b1ad52543f4691f67db0cdf97
b3b8a709747a0f6ccaacb7d66686e51598b9774396bd366c74d942225f0e42d9
b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8
b4e486f5794eb655bcd092e9871a59fa8857d727d60526096bcd575aa12c9114
b54f8348bc4f14f58f9d3e0ffd9f3c3030212253e7ad21a8716ddd6625333c77
b55a5f118dd00bb2769aaa6011a6b6450a3334511f79503fad6815fd0125658c
b60138a5c8d27121855ef3f7fd10d051c66280b5fdb007f963761aeb8599e82e
b67596bde5f7562faba79125ecebe3ee3b1f53549cc7ecb7020900d839580d19
b6849b99c9da8c60aec9d8fcad58817ef0aabe354e6f9194f24b7e68df71f41a
b707cea228ebd1afe82a1840449e8c14d79bb62ec828d1ca7c3b6832a6905133
b70e4c90ecda74626e7dfb7374051b94ab28d316e5d89930a8ddd8b6c764e4aa
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
b94472d780db3b45c0920bb2dbd0cb57660d80671491ada0ef15776f3de9e812
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e
baf688b4b126fe8fcc94c8757a91627ce68670a1d9d77e107fc14a6cdf2a63c5
bafeb15ddf054e44b9c1d9e25a258cb2bdfacf6169d00d885de7b188d0a02a7b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb49aa393f91dc66267e42500ea366572b356e56ed9e30481cdf5a056dee14fa
bb6f1866740bfb050c053eec18013d6490f192087ab170c9d40354990107f893
bd0d1256c7eabefeacb54f07bc1c3105c39d6e13f407ba8d592e065599d4e753
bddc6568346aaf34e5fd9fd8c90a9cf1034e51c4c87e702e725d57beadda0a07
be5c85bf40c3790d8bb01cbf334c014a920ad644d8ea3b61a3b8ed755b73a114
be6aaae29a207bdea28a1e545c6f5652abcd30845290ec990892805c895d78f6
c05cd9be1bc762fbacf815de343963eced0316006550804fab87533c2509061a
c1b1d353b9e6911b4b006e87d2b889413070b6837a3433445401e2c27d20316b
c1e23dd192a000253259a7fe825cd040f704875bf370e24ed6137d19e3221bf6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720
c2cf0b19c5fa7e1b24d08654efb1c5dbac9d1b43b5c328249cc07f94698b8486
c3b227b6f2eb22db6934f3c293c2c9290822090ba9ca7fd011991f243b4cd074
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c424b3f5900decfee6fe37f8d706b3d59bf2bbaa8c73d08bc2a82d3cd4f14bf6
c56ee3cc13b1d5e54254ba5511a23010557dcc7492aaf08ceb8c7798c9d2302a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c64308e6ed3ab4dc8c78868174040d8d09546ea9e6ab19682285a675897edc98
c64bacfaa6098804eca868f9a267a073efef52fa857b232530af75eed736dcb8
c7b0f0911a0369d7c7cacf264c43bbf364199c80c05b23b807f92504b6d3b193
c882f02b9ef69ee606f8adb92e7ada8b431ad4b9a69e8dc4d3892e2c9e4f2a4d
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
c98ec5f05be6652eb6138038cdd3934dc872ddff5df9c2b6d88da5a443586b2d
ca30554832f74f90fcf217aa123c72bc327f2a00463d8f9a09851e46cda97f0b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caefdcc9ae00a197310c0e74d02cc5011a10cf2f7494a3c6e28cd68dc7c37540
cb382a96db0f4b97aabcb7a2d5b36ed9cf1aeca7b6f2f733cc645cf734300001
ce03ad949eaf22f8146d090a7491cbd5130e48b064467fa71b8099675d5b9c7a
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae
cec2c1b07ec561c19dbb290120711abfcfffc93359080ab3760af6119a364bad
cee1ef144e6f32a5a0055f9c3ee79ea96dbb0618ee4eb5f2ef2b7b290af7b515
cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf54dfe7fafaaa56c2b549e8e0cd6d9feb95a6a10ccda922dbd8680ae1cde762
cf9ce6944d915366d231c130c05f9844afe92167b177eb0d4ed8183bc44979b6
d00b29dfbdd07336eea458e5ad30818cd4258c298facb4702998aebd089577fb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1bf06ce177b3cfe91c084d1d946fdbc3668cd4575ca0312409a1c568d006160
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d34e8a1a381b203e3d1f7c6ed4f077038e91782ea254c7a7e4785462147a385a
d3f558d5652153b808beb6e99aff1be451af4b06ffce53e9095f4d3d0d59bc87
d41b0ca4b10fa76373fbe654dbd440146d3e62f5975a6390033c1e81ba0b5160
d43ac5826a74f4e5dcd9435aabe994b89a7e2030babd441463c621e96eec0375
d4c7bd52329a768d28d0c4d688b0cf5752704b610a1e8bef8a1943b02a853f0a
d4e19725f2267ea85db18c1072e6cad9ce5e3de2ca1184e3c780d415abba9e4f
d4fc42994e6511f7542d3408159c406dbd35000c465ce98287db279d8792a30b
d568d854b45250d11c0aaf696fbdc55eebed077f5323fafdc7a927fe154261cf
d6fa7c39b1d5e288c739c3a225a90d0698798485d5b17c1350dc17925942b841
d83a9b51a7992fc2da94da4df19fe35a4f7a78f5e03e3e9e7fa1be8142268a61
d89a9056ea67711682d897534afd030e4cfde4f55548dd5f80fcecaa6d53dad1
d993646e0f2e782c5ef10e36fb926f754fcd8a1fd04e81b6b38c6b842ba87dd6
dad80ef4163f0f8c51f09f07b016fca151c23bb2cce33ade1cb5b3f158793500
dbdaacfb398d13048d6f5c735fedb83bf34429cff245fb5e6cbe4da01b565cd2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd18ae6f7ea4795c20b8a77996dd0d4bb160d340e8cb85aec774a3af11295b2e
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
deb959c047f364b4d81eb0b735fd60c7172cb808ddad43546948d90a38ad362e
dfb749c8597c2c8686580548520a1575a8026ed3efda320792bc9f5bc8cd246a
dfc2edb71d2b3576735588a2d5fe718c818adb93a20ddcbce3e470cbd372e52e
dfe131a134d2c15a3b806281cc1abd4e3f13ac7fd24b6f9112c74db134c56b93
e037cc01f9b03ec82be7384d1e0c86b2a79cf6b0baef6af21798dec74a337b81
e10f899db5ca9e90a689535e19be3c8c873b3ceaabbc7acd9da39ffe2f1a2bdf
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3319b4083e3677f749899da353a9ba29bb56baf064eb5126dda438d32b347f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e69290d5897979b5b2dd49c7826b916395adab928b2f65535af12cd078dc8d
e7be1e57f70cf27212b282c630eff6c47605f2c66a3f2d2cb46f8ac3ad7e8a51
e9919a25a67b3621c47628d913f9f3b2317630fd39c880f505a7388258870b18
eb48062f813c4204ad54dd2fbca0416c37a731578a2a20583f982c4d54c93646
ec67cba0b1358aac92b0b91711573af830379aabc5c0f5c08f0c984f0f739601
ed1a60158289510f2d8026d80faada61db3dfc4beedeb02c1d84508aa5b4cfa3
ed304fb06060fcb6104e29fd4dde7e97e0b009e3d70abd66a580f046a0c13c17
ed51363ac2882d87546b523cd6913d8ccce5ba8a074d3e10d6757c80a2c4cbbe
edcc2c1588e4241b428647605cf5d2adfd4bae02674734823e010233a40d84c2
edf5c9a4ea5a6cec5b43b8b34622496a96e2cbaaa1f92caad2bc0a15facd48cf
ee39748e070e806696fed9b4f0600b3b32cce2bb1a4dfc5f5e4e05d1d4d40ae8
ee80e2de5c026fa3c0786f587eed85d1521d50ba1aba027c2b0714c108c351a6
eec228a1ab696042352ac5b80b5d3af26ffee7a026a202afbe3b67100234fd3b
eed312a3aa4c47de870600bb272525d110e98c95263ae9ea181130c34bade0b4
ef05a772e3286f5b398fcf5ceeba8037bfda7346bc2b578e5b12c01e255ae0bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17cf1cb73dc13f928ef0122375fe550926a471e46d614199bfe8ef69733437a
f1f0c468601b2c672c460708077388a4a4994a909e086fdaa6dfdba70e636cd7
f4162681be99cd8f60c37c41185003a84168962b652827cd9bf0a45001e8d641
f4be37ae6f3da730d311ea6ff931acc51d1ae189ec3c2d28869cb00e536605cd
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f650676047609c72f3c893b13a7148916bb0a9a5ff1f6ca9c531d07038ba31ae
f6646d4d6d703fcd5818a1b97200deaef6126e1c04f7288f7add8c27fbfbacf4
f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b328b9c07ccd7739a133ef43e6939bd8aee62eb73636324c67773a7bb288b9
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f8b59ff6442515d8f00028ea55697f7b097a055cc82f4e88e06d319018745401
f945c51048597580e69d43f98e7ce3c63f8c7b0a2235c988d03ff27a38b61628
f9a80789a73d8d6e098e972be5b2733ba0743c6b93abd1701bc470d216525b09
f9ff3cbc1e18c6477f12b990a1d7e9b1dc734a445fdae3f64318193b7203e0e9
fa43023e804760a3afc30fd16ed1553246136329d7a3a871672b5ee8c7022fc2
fbe3a1b12f574786820599243f36ffdee8541558521de71f47a54f6f66f438bc
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc5cf9ca31f8b17c54fb201fc64931e2900b53ac1eaec6c5492f2b138c752bc8
fce704a574001e626087c28db6ba29c8c6bce20f156a7fc3a321b505326be3b5
fed2bcfa448afdf10e5fb53b531dff06bb4bd1ddb9d9318f45b32be85ec974f1
fefeb597a52e8ae32f01920181c4d49b0d95911e60c3d923ea9318c254c76d0d