urlscan.io logo urlscan.io
SecurityTrails logo

www.dailymail.co.uk Open in urlscan Pro
2a02:26f0:6c00:2a6::16c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN...
Effective URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.htm...
Submission: On May 01 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 115 IPs in 11 countries across 91 domains to perform 569 HTTP transactions. The main IP is 2a02:26f0:6c00:2a6::16c2, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.dailymail.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 16th 2021. Valid for: a year.
This is the only time www.dailymail.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.2 209242 (CLOUDFLAR...)
1 53 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
4 65.9.84.12 16509 (AMAZON-02)
1 1 15.237.136.106 16509 (AMAZON-02)
1 2 13.224.106.70 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 34.241.183.220 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
11 13.224.105.229 16509 (AMAZON-02)
11 199.232.137.44 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 185.94.180.128 35220 (SPOTX-AMS)
1 2.18.232.234 16625 (AKAMAI-AS)
2 2.16.107.122 20940 (AKAMAI-ASN1)
2 165.227.252.242 14061 (DIGITALOC...)
1 2a04:4e42:1b:... 54113 (FASTLY)
4 37.252.161.190 29990 (ASN-APPNEX)
9 35.157.246.167 16509 (AMAZON-02)
4 213.19.162.51 26667 (RUBICONPR...)
10 3.122.57.214 16509 (AMAZON-02)
4 178.250.2.131 44788 (ASN-CRITE...)
8 35.244.159.8 15169 (GOOGLE)
1 18.195.223.2 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
4 23.21.47.204 14618 (AMAZON-AES)
3 3.121.105.52 16509 (AMAZON-02)
1 185.255.84.150 200271 (IGUANE-)
1 184.30.21.51 16625 (AKAMAI-AS)
6 17 37.252.172.38 29990 (ASN-APPNEX)
2 3.124.9.99 16509 (AMAZON-02)
3 184.25.115.31 16625 (AKAMAI-AS)
7 10 35.157.13.124 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f03... 32934 (FACEBOOK)
1 104.19.149.54 13335 (CLOUDFLAR...)
23 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1288:110... 34010 (YAHOO-IRD)
1 2a03:2880:f13... 32934 (FACEBOOK)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 4 37.157.4.40 198622 (ADFORM)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 8 34.252.153.38 16509 (AMAZON-02)
1 10 3.121.70.57 16509 (AMAZON-02)
1 151.101.13.108 54113 (FASTLY)
2 2.18.233.180 16625 (AKAMAI-AS)
10 104.111.230.142 16625 (AKAMAI-AS)
6 20 2.18.234.21 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
21 151.101.13.44 54113 (FASTLY)
4 151.101.1.194 54113 (FASTLY)
1 151.139.128.11 20446 (HIGHWINDS3)
3 4 185.94.180.126 35220 (SPOTX-AMS)
21 2a00:1450:400... 15169 (GOOGLE)
1 18.193.33.250 16509 (AMAZON-02)
1 52.29.183.32 16509 (AMAZON-02)
5 7 51.89.7.198 16276 (OVH)
3 3 35.156.217.79 16509 (AMAZON-02)
8 8 51.75.198.14 16276 (OVH)
15 24 142.250.185.194 15169 (GOOGLE)
1 2a02:2638::1c 44788 (ASN-CRITE...)
5 172.217.16.134 15169 (GOOGLE)
1 3.126.6.158 16509 (AMAZON-02)
1 5.44.20.105 13768 (COGECO-PEER1)
5 10 99.80.67.138 16509 (AMAZON-02)
5 13.32.21.23 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
4 18.156.139.73 16509 (AMAZON-02)
2 185.94.180.124 35220 (SPOTX-AMS)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 7 72.21.206.140 16509 (AMAZON-02)
1 1 64.202.112.191 23352 (SERVERCEN...)
3 3 185.29.135.233 30419 (MEDIAMATH...)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 65.9.84.35 16509 (AMAZON-02)
2 2 18.185.192.106 16509 (AMAZON-02)
2 4 3.126.56.137 16509 (AMAZON-02)
1 35.241.40.233 15169 (GOOGLE)
2 2 3.125.253.138 16509 (AMAZON-02)
2 11 141.226.228.48 200478 (TABOOLA-AS)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 5 69.173.144.139 26667 (RUBICONPR...)
1 2 198.148.27.139 19189 (PULSEPOINT)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 2 216.52.2.48 29791 (VOXEL-DOT...)
1 185.86.137.110 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
2 2 178.250.2.151 44788 (ASN-CRITE...)
1 1 172.104.105.5 63949 (LINODE-AP...)
2 192.132.33.46 18568 (BIDTELLECT)
1 1 35.210.239.72 19527 (GOOGLE-2)
3 35.201.67.47 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
1 52.57.128.70 16509 (AMAZON-02)
15 2600:9000:210... 16509 (AMAZON-02)
1 1 213.155.156.169 1299 (TELIANET ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 77.243.60.138 42697 (NETIC-AS)
1 169.50.137.190 36351 (SOFTLAYER)
1 2 35.190.59.101 15169 (GOOGLE)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 135.125.8.70 16276 (OVH)
10 142.250.185.98 15169 (GOOGLE)
3 5 18.197.47.23 16509 (AMAZON-02)
4 76.223.26.175 16509 (AMAZON-02)
25 3.82.234.236 14618 (AMAZON-AES)
1 185.64.189.114 62713 (AS-PUBMATIC)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 2602:803:c003... 26667 (RUBICONPR...)
20 13.224.106.44 16509 (AMAZON-02)
2 2 23.79.143.124 16625 (AKAMAI-AS)
2 5 184.30.21.112 16625 (AKAMAI-AS)
1 2.18.235.40 16625 (AKAMAI-AS)
1 2404:6800:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 34.98.64.218 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.74.194 15169 (GOOGLE)
2 2 18.197.64.250 16509 (AMAZON-02)
2 2 37.157.4.29 198622 (ADFORM)
1 1 2.18.235.93 16625 (AKAMAI-AS)
569 115
2    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
53    2a02:26f0:6c00:2a6::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.dailymail.co.uk
scripts.dailymail.co.uk
i.dailymail.co.uk
ted.dailymail.co.uk
t.dailymail.co.uk
secured.dailymail.co.uk
crta.dailymail.co.uk
fff.dailymail.co.uk
creative.dailymail.co.uk
video.dailymail.co.uk
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    65.9.84.12 (United States)

ASN16509 (AMAZON-02, US)
uk-script.dotmetrics.net
1    15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
swa.and.co.uk
2    13.224.106.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-70.mad50.r.cloudfront.net
sb.scorecardresearch.com
1    2a02:26f0:6c00::210:bb78 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
hulkprod.anm.co.uk
2    34.241.183.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.sxp.smartclip.net
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:2104:d000:8:5c85:cdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sak.userreport.com
11    13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net
c.amazon-adsystem.com
11    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
imprammp.taboola.com
2    2606:4700::6812:5ba (United States)

ASN13335 (CLOUDFLARENET, US)
macro.adnami.io
1    185.94.180.128 (United States)

ASN35220 (SPOTX-AMS, US)
js.spotx.tv
1    2.18.232.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-234.deploy.static.akamaitechnologies.com
aka.spotxcdn.com
2    2.16.107.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
storage.cloud.kargo.com
2    165.227.252.242 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    37.252.161.190 (Shepherds Bush, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
9    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
4    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    3.122.57.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
mailonline-uk-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
1    18.195.223.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
krk.kargo.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    23.21.47.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mfad.inskinad.com
3    3.121.105.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
tlx.3lift.com
1    185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
17    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    3.124.9.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pre.ads.justpremium.com
3    184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
10    35.157.13.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
1    2a03:2880:f03f:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.19.149.54 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
23    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    2a03:2880:f13f:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
14    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
c1.adform.net
1    2a02:26f0:6c00:1a0::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
8    34.252.153.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
10    3.121.70.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
10    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
20    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
js-sec.indexww.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
21    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
match.taboola.com
wf.taboola.com
4    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
clarium.global.ssl.fastly.net
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
4    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
21    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    18.193.33.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-33-250.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    52.29.183.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
7    51.89.7.198 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
3    35.156.217.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
8    51.75.198.14 (France)

ASN16276 (OVH, FR)
cookie-matching.mediarithmics.com
24    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
1    3.126.6.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod-m-node-3113.ssp.yahoo.com
1    5.44.20.105 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
eur-ukp.adsrvr.org
10    99.80.67.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.adsafeprotected.com
5    13.32.21.23 (United States)

ASN16509 (AMAZON-02, US)
choices.truste.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
4    18.156.139.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
protected-by.clarium.io
2    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
2    65.9.84.35 (United States)

ASN16509 (AMAZON-02, US)
ib.3lift.com
2    18.185.192.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
2    3.125.253.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-253-138.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
11    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
u.ipw.metadsp.co.uk
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
t.skimresources.com
27    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.57.128.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
crb.kargo.com
15    2600:9000:2104:5600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    213.155.156.169 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
r.skimresources.com
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
5    2a02:26f0:6c00:288::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
crta.dailymail.co.uk
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
PTR: ns3184584.ip-135-125-8.eu
gu.dyntrk.com
10    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
5    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)
de1-bid.adsrvr.org
25    3.82.234.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
5    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2600:1f18:612b:4264:7659:1bf:d736:fba9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
2    2602:803:c003:200::77 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
20    13.224.106.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-44.mad50.r.cloudfront.net
choices.trustarc.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
5    184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    2404:6800:4004:81c::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
mailonline-uk-d.openx.net
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
ade.googlesyndication.com
2    18.197.64.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
Apex Domain
Subdomains		 Transfer
62 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
pubads.g.doubleclick.net
259 KB
58 dailymail.co.uk
www.dailymail.co.uk
scripts.dailymail.co.uk
i.dailymail.co.uk
ted.dailymail.co.uk
t.dailymail.co.uk
secured.dailymail.co.uk
crta.dailymail.co.uk
fff.dailymail.co.uk
creative.dailymail.co.uk
video.dailymail.co.uk
1 MB
50 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
471 KB
45 googlesyndication.com
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
191 KB
43 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
sync.taboola.com
match.taboola.com
sync-t1.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
387 KB
24 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
prebid-server.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
beacon-ams3.rubiconproject.com
secure-assets.rubiconproject.com
81 KB
22 adnxs.com
prebid.adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com Failed
68 KB
21 2mdn.net
s0.2mdn.net
605 KB
21 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
23 KB
20 trustarc.com
choices.trustarc.com
65 KB
19 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
prod-m-node-3113.ssp.yahoo.com
ups.analytics.yahoo.com
24 KB
18 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
42 KB
15 3lift.com
tlx.3lift.com
eb2.3lift.com
ib.3lift.com
86 KB
15 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com Failed
simage4.pubmatic.com
33 KB
13 adsrvr.org
match.adsrvr.org
eur-ukp.adsrvr.org
de1-bid.adsrvr.org
9 KB
10 bidswitch.net
x.bidswitch.net
3 KB
10 sharethrough.com
btlr.sharethrough.com
9 KB
9 openx.net
mailonline-uk-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
2 KB
8 mediarithmics.com
cookie-matching.mediarithmics.com
4 KB
8 googletagservices.com
www.googletagservices.com
259 KB
7 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
141 KB
7 id5-sync.com
id5-sync.com
10 KB
7 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
2 KB
6 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com Failed
1 KB
6 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
4 KB
6 skimresources.com
s.skimresources.com
t.skimresources.com
p.skimresources.com Failed
r.skimresources.com
21 KB
6 adform.net
cm.adform.net
c1.adform.net
3 KB
6 google.com
adservice.google.com
www.google.com
1 KB
5 createjs.com
code.createjs.com
314 KB
5 truste.com
choices.truste.com
47 KB
5 google.de
adservice.google.de
1 KB
4 clarium.io
protected-by.clarium.io
1 KB
4 fastly.net
clarium.global.ssl.fastly.net
135 KB
4 inskinad.com
mfad.inskinad.com
3 KB
4 kargo.com
storage.cloud.kargo.com
krk.kargo.com
klkstrm.kargo.com Failed
crb.kargo.com
5 KB
4 dotmetrics.net
uk-script.dotmetrics.net
39 KB
3 mathtag.com
sync.mathtag.com
1 KB
3 360yield.com
ice.360yield.com
1 KB
3 googleapis.com
imasdk.googleapis.com
702 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com
365 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 bttrack.com
bttrack.com
760 B
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
828 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 quantserve.com
pixel.quantserve.com
cms.quantserve.com
960 B
2 indexww.com
js-sec.indexww.com
2 KB
2 criteo.net
static.criteo.net
51 KB
2 google-analytics.com
google-analytics.com
ssl.google-analytics.com
17 KB
2 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net
51 KB
2 justpremium.com
pre.ads.justpremium.com
5 KB
2 serverbid.com
e.serverbid.com
88 B
2 adnami.io
macro.adnami.io
18 KB
2 smartclip.net
sync.sxp.smartclip.net
931 B
2 scorecardresearch.com
sb.scorecardresearch.com
958 B
2 silobreaker.com
info.silobreaker.com
4 KB
1 media.net
cs.media.net
1 KB
1 gstatic.com
csi.gstatic.com
331 B
1 moatads.com
z.moatads.com
103 KB
1 turn.com
ad.turn.com
425 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 simpli.fi
um.simpli.fi
409 B
1 semasio.net
uipglob.semasio.net
604 B
1 zeotap.com
mwzeom.zeotap.com
307 B
1 de17a.com
d5p.de17a.com
294 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk
189 B
1 appier.net
s.c.appier.net
362 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com Failed
697 B
1 adkernel.com
dsp.adkernel.com
233 B
1 brand-display.com
dmp.brand-display.com
253 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
406 B
1 yimg.com
s.yimg.com
58 KB
1 mookie1.com
odr.mookie1.com
324 B
1 facebook.com
www.facebook.com
88 B
1 permutive.com
cdn.permutive.com
156 KB
1 facebook.net
connect.facebook.net
2 KB
1 teads.tv
a.teads.tv
251 B
1 omnitagjs.com
hb-api.omnitagjs.com
8 KB
1 jsdelivr.net
cdn.jsdelivr.net
972 B
1 spotxcdn.com
aka.spotxcdn.com
155 KB
1 spotx.tv
js.spotx.tv
590 B
1 userreport.com
sak.userreport.com
14 KB
1 anm.co.uk
hulkprod.anm.co.uk
12 KB
1 and.co.uk
swa.and.co.uk
502 B
0 smaato.net Failed
s.ad.smaato.net Failed
0 owneriq.net Failed
px.owneriq.net Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
569 91
Domain Requested by
27 pagead2.googlesyndication.com srcdoc
clarium.global.ssl.fastly.net
www.googletagservices.com
ad.doubleclick.net
tpc.googlesyndication.com
www.dailymail.co.uk
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
25 dt.adsafeprotected.com www.dailymail.co.uk
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
24 cm.g.doubleclick.net 15 redirects eb2.3lift.com
eu-u.openx.net
www.dailymail.co.uk
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
21 s0.2mdn.net imasdk.googleapis.com
info.silobreaker.com
s0.2mdn.net
www.dailymail.co.uk
code.createjs.com
20 choices.trustarc.com choices.truste.com
www.dailymail.co.uk
choices.trustarc.com
20 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
info.silobreaker.com
www.dailymail.co.uk
19 i.dailymail.co.uk www.dailymail.co.uk
scripts.dailymail.co.uk
18 scripts.dailymail.co.uk www.dailymail.co.uk
scripts.dailymail.co.uk
17 ib.adnxs.com 6 redirects scripts.dailymail.co.uk
www.dailymail.co.uk
acdn.adnxs.com
eb2.3lift.com
ssum-sec.casalemedia.com
15 static.adsafeprotected.com pixel.adsafeprotected.com
www.dailymail.co.uk
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
info.silobreaker.com
tpc.googlesyndication.com
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
12 images.taboola.com www.dailymail.co.uk
11 c.amazon-adsystem.com scripts.dailymail.co.uk
c.amazon-adsystem.com
10 googleads4.g.doubleclick.net info.silobreaker.com
10 pixel.adsafeprotected.com 5 redirects clarium.global.ssl.fastly.net
ib.3lift.com
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
10 eus.rubiconproject.com scripts.dailymail.co.uk
eus.rubiconproject.com
am-match.taboola.com
imprammp.taboola.com
www.dailymail.co.uk
10 eb2.3lift.com 1 redirects scripts.dailymail.co.uk
eb2.3lift.com
www.dailymail.co.uk
10 x.bidswitch.net 7 redirects ssum-sec.casalemedia.com
am-match.taboola.com
imprammp.taboola.com
10 btlr.sharethrough.com scripts.dailymail.co.uk
10 cdn.taboola.com scripts.dailymail.co.uk
cdn.taboola.com
www.dailymail.co.uk
9 c2shb.ssp.yahoo.com scripts.dailymail.co.uk
8 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
8 cookie-matching.mediarithmics.com 8 redirects
8 match.adsrvr.org 3 redirects scripts.dailymail.co.uk
eb2.3lift.com
eu-u.openx.net
ssum-sec.casalemedia.com
8 www.googletagservices.com scripts.dailymail.co.uk
securepubads.g.doubleclick.net
clarium.global.ssl.fastly.net
s0.2mdn.net
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
7 s.amazon-adsystem.com 3 redirects eb2.3lift.com
ssum-sec.casalemedia.com
www.dailymail.co.uk
7 id5-sync.com 5 redirects www.dailymail.co.uk
7 ssum-sec.casalemedia.com 2 redirects scripts.dailymail.co.uk
js-sec.indexww.com
ssum-sec.casalemedia.com
6 crta.dailymail.co.uk scripts.dailymail.co.uk
5 ads.stickyadstv.com 2 redirects imasdk.googleapis.com
cdn.stickyadstv.com
5 code.createjs.com s0.2mdn.net
5 pixel.advertising.com www.dailymail.co.uk
am-match.taboola.com
imprammp.taboola.com
5 simage2.pubmatic.com www.dailymail.co.uk
image6.pubmatic.com
ads.pubmatic.com
5 sync.taboola.com 2 redirects www.dailymail.co.uk
5 c1.adform.net 4 redirects ssum-sec.casalemedia.com
5 choices.truste.com clarium.global.ssl.fastly.net
ib.3lift.com
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
5 ad.doubleclick.net clarium.global.ssl.fastly.net
ib.3lift.com
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
5 trc.taboola.com cdn.taboola.com
www.dailymail.co.uk
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
5 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 www.dailymail.co.uk 1 redirects info.silobreaker.com
scripts.dailymail.co.uk
4 de1-bid.adsrvr.org ib.3lift.com
clarium.global.ssl.fastly.net
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
4 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
4 sync-t1.taboola.com www.dailymail.co.uk
am-match.taboola.com
imprammp.taboola.com
4 ups.analytics.yahoo.com 2 redirects www.dailymail.co.uk
4 protected-by.clarium.io www.dailymail.co.uk
4 sync.search.spotxchange.com 3 redirects www.dailymail.co.uk
4 clarium.global.ssl.fastly.net info.silobreaker.com
4 mfad.inskinad.com scripts.dailymail.co.uk
www.dailymail.co.uk
ssum-sec.casalemedia.com
4 bidder.criteo.com scripts.dailymail.co.uk
static.criteo.net
4 fastlane.rubiconproject.com scripts.dailymail.co.uk
4 prebid.adnxs.com scripts.dailymail.co.uk
4 uk-script.dotmetrics.net www.dailymail.co.uk
uk-script.dotmetrics.net
3 pubads.g.doubleclick.net imasdk.googleapis.com
www.dailymail.co.uk
3 token.rubiconproject.com eus.rubiconproject.com
3 t.skimresources.com www.dailymail.co.uk
s.skimresources.com
3 sync.mathtag.com 3 redirects
3 ice.360yield.com 3 redirects
3 fff.dailymail.co.uk scripts.dailymail.co.uk
3 eu-u.openx.net scripts.dailymail.co.uk
eu-u.openx.net
3 htlb.casalemedia.com scripts.dailymail.co.uk
3 tlx.3lift.com scripts.dailymail.co.uk
www.dailymail.co.uk
3 mailonline-uk-d.openx.net scripts.dailymail.co.uk
3 imasdk.googleapis.com www.dailymail.co.uk
imasdk.googleapis.com
2 a.sportradarserving.com 2 redirects
2 ade.googlesyndication.com www.dailymail.co.uk
2 cdn.stickyadstv.com imasdk.googleapis.com
cdn.stickyadstv.com
2 secure-assets.rubiconproject.com 2 redirects
2 beacon-ams3.rubiconproject.com www.dailymail.co.uk
2 taboola-supply-partners.tremorhub.com am-match.taboola.com
imprammp.taboola.com
2 gu.dyntrk.com 2 redirects
2 r.skimresources.com 1 redirects www.dailymail.co.uk
2 bttrack.com www.dailymail.co.uk
ssum-sec.casalemedia.com
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.dailymail.co.uk
2 bh.contextweb.com 1 redirects www.dailymail.co.uk
2 pixel.rubiconproject.com 1 redirects www.dailymail.co.uk
2 rtb.mfadsrvr.com 2 redirects
2 pm.w55c.net 2 redirects ssum-sec.casalemedia.com
www.dailymail.co.uk
2 ib.3lift.com clarium.global.ssl.fastly.net
ib.3lift.com
2 us-u.openx.net eu-u.openx.net
2 search.spotxchange.com js.spotx.tv
2 ssum.casalemedia.com 2 redirects
2 js-sec.indexww.com scripts.dailymail.co.uk
ssum-sec.casalemedia.com
2 ads.pubmatic.com scripts.dailymail.co.uk
ads.pubmatic.com
2 da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net scripts.dailymail.co.uk
static.criteo.net
2 pre.ads.justpremium.com scripts.dailymail.co.uk
2 hbopenbid.pubmatic.com scripts.dailymail.co.uk
2 e.serverbid.com www.dailymail.co.uk
2 storage.cloud.kargo.com scripts.dailymail.co.uk
storage.cloud.kargo.com
2 macro.adnami.io scripts.dailymail.co.uk
macro.adnami.io
2 sync.sxp.smartclip.net 1 redirects www.dailymail.co.uk
2 sb.scorecardresearch.com 1 redirects www.dailymail.co.uk
2 t.dailymail.co.uk scripts.dailymail.co.uk
2 ted.dailymail.co.uk scripts.dailymail.co.uk
2 info.silobreaker.com 1 redirects
1 cs.media.net 1 redirects
1 cms.quantserve.com da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
1 www.google.com da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
1 csi.gstatic.com imasdk.googleapis.com
1 z.moatads.com scripts.dailymail.co.uk
1 simage4.pubmatic.com ads.pubmatic.com
1 am-vid-events.taboola.com www.dailymail.co.uk
1 wf.taboola.com vidstat.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 video.dailymail.co.uk www.dailymail.co.uk
1 ad.turn.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 d5p.de17a.com 1 redirects
1 crb.kargo.com storage.cloud.kargo.com
1 u.ipw.metadsp.co.uk 1 redirects
1 s.c.appier.net 1 redirects
1 e1.emxdgt.com www.dailymail.co.uk
1 rtb-csync.smartadserver.com www.dailymail.co.uk
1 dsp.adkernel.com www.dailymail.co.uk
1 u.openx.net www.dailymail.co.uk
1 match.taboola.com www.dailymail.co.uk
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 image6.pubmatic.com ads.pubmatic.com
1 vidstat.taboola.com cdn.taboola.com
1 s.yimg.com clarium.global.ssl.fastly.net
1 eur-ukp.adsrvr.org clarium.global.ssl.fastly.net
1 prod-m-node-3113.ssp.yahoo.com clarium.global.ssl.fastly.net
1 15.taboola.com cdn.taboola.com
1 gum.criteo.com static.criteo.net
1 ads.adaptv.advertising.com scripts.dailymail.co.uk
1 prebid-server.rubiconproject.com scripts.dailymail.co.uk
1 creative.dailymail.co.uk www.dailymail.co.uk
1 s.skimresources.com scripts.dailymail.co.uk
1 odr.mookie1.com www.dailymail.co.uk
1 acdn.adnxs.com scripts.dailymail.co.uk
1 c.go-mpulse.net s.go-mpulse.net
1 cm.adform.net www.dailymail.co.uk
1 www.facebook.com www.dailymail.co.uk
1 ssl.google-analytics.com www.dailymail.co.uk
1 cdn.permutive.com scripts.dailymail.co.uk
1 connect.facebook.net scripts.dailymail.co.uk
1 google-analytics.com www.dailymail.co.uk
1 s.go-mpulse.net www.dailymail.co.uk
1 a.teads.tv scripts.dailymail.co.uk
1 hb-api.omnitagjs.com scripts.dailymail.co.uk
1 krk.kargo.com scripts.dailymail.co.uk
1 cdn.jsdelivr.net scripts.dailymail.co.uk
1 secured.dailymail.co.uk scripts.dailymail.co.uk
1 aka.spotxcdn.com www.dailymail.co.uk
1 js.spotx.tv 1 redirects
1 sak.userreport.com scripts.dailymail.co.uk
1 hulkprod.anm.co.uk scripts.dailymail.co.uk
1 swa.and.co.uk 1 redirects
0 ssbsync.smartadserver.com Failed da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
0 s.ad.smaato.net Failed da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
0 px.owneriq.net Failed ssum-sec.casalemedia.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
0 pixel-sync.sitescout.com Failed ssum-sec.casalemedia.com
0 aud.pubmatic.com Failed ads.pubmatic.com
0 p.skimresources.com Failed www.dailymail.co.uk
0 klkstrm.kargo.com Failed storage.cloud.kargo.com
569 167
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
*.dailymail.co.uk
DigiCert SHA2 Secure Server CA		 2021-02-16 -
2022-02-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.dotmetrics.net
Amazon		 2020-11-23 -
2021-12-22		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
dmgprivacyint.co.uk
R3		 2021-04-16 -
2021-07-15		 3 months crt.sh
*.smartclip.net
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.userreport.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-27 -
2021-08-27		 a year crt.sh
cdn.spotxcdn.com
GeoTrust RSA CA 2018		 2020-05-21 -
2021-06-20		 a year crt.sh
kargo.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
e.serverbid.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-26 -
2022-03-26		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.dev.kargo.com
Amazon		 2021-03-16 -
2022-04-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
mfad.inskinad.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2021-03-02 -
2022-03-01		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2020-09-10 -
2021-10-12		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-04-27 -
2021-07-28		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-24 -
2021-05-12		 2 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
static.adsafeprotected.com
Amazon		 2020-10-03 -
2021-11-03		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh

This page contains 54 frames:

Primary Page: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Frame ID: 04817E987B4E7731EA4CCA62A1F47AEE
Requests: 270 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 14347043DDE70AF7589B52BC2030D9DE
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 579A88355FB7D03D0542565E6AD1CE29
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 17274753D84AE6783F9AEB4007601595
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 046BE57A1F39B1C7D23428313DF6AE69
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Frame ID: 3969EF431B6BC3060A2995EA1EAF6891
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4483E0AE4FA4584813E056B18E81D669
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a3i4pto1619867974377
Frame ID: 9DD484D9A6D19D997BA70401C6506AE5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Frame ID: 854012C146D2A58C844ABCFD0B393AA4
Requests: 7 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Frame ID: 16B6697F9E5F431B24E0C7B65C399146
Requests: 26 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOakkzTnpVMU1qb3pNREI0TWpVdyIsIndkIjp7Im8iOiI0MDYyNzc1NTIiLCJ3IjozMDAsImgiOjI1MH0sIndyIjoyfQ==
Frame ID: 3D6D4C871E549D251ED441E1AD7CE02A
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: C569E9CA47D322D612C544A7666F9794
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Frame ID: 5E51F81A91873D9CC02DBDC4A910D2B0
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.dailymail.co.uk
Frame ID: E4E06DF609EF960F50D48C44E9F7E3CD
Requests: 1 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOakkzTnpVMU1qb3pNREI0TWpVdyIsIndkIjp7Im8iOiI0MDYyNzc1NTIiLCJ3IjozMDAsImgiOjI1MH0sIndyIjoyfQ==
Frame ID: C4575024ABEE4819DFB77920F4271958
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BBE66C5B5C233DC64F6B6864CE36F83E
Requests: 10 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a&tbid=2a418ab0-9597-455e-85ca-e4d1d3d7c720-tuct786bed4&query=taboola_hm%3Da1d46c6f-852e-4eeb-a07f-59024c7f124a&isDirect=0
Frame ID: 02785F9987E7EC205BFB5356F9650105
Requests: 19 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.847000260247001
Frame ID: 2F40719EB024F5B18AF90676EE2450C6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 353C0C5F3C3C1B1C5425FD48A29BC8F9
Requests: 1 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/87622335-0647-4345-a5f0-44c40dafebab?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Frame ID: 56DBA00A5E8EBFBC2CEFEE8BA394E469
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8261619582308977356
Frame ID: 91642BEBD1AB9AA3F09C6778CB1904FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 85EB652C8CDF09EEEAD3486440D3E834
Requests: 1 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Frame ID: A97678D3E1DB16199024EE0A195B5783
Requests: 24 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Frame ID: 333814E02D29FD54B21115300DBCE624
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D6C9959571C55C9E377E2BB660CEC2AC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10507625/1618587453204/index.html
Frame ID: 95538EF564741D08A247F38F1DC20645
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 696CEB88C04E49EE85EDD924B3212F6C
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 1EADE24F52EEDC32AFAEEF75DD14F8F7
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: FED14D03A514CB4D0F9A176C1C7353BA
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/clk?imp=96f9f5e5-c14e-454d-9a9d-304d4f3b6c14&ag=mcjg006&sfe=12c4b945&sig=A8ZhScTmX8Sh4Krs_c4GoxyRYf4Z-gY1nqdsMEmTMts.&crid=sqh3smbl&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=zm4,jba,7sp,usw,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=&mste=dailymail.co.uk&mfld=4&mssi=None&mfsi=1n1l9xz7a8&sv=triplelift&uhow=157&agsa=&wp=3.508&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=376&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&npt=&svscid=3568&mdl=Chrome%20-%20Windows&adpt=tl_ltriplelift&ipl=hd_57447&ict=Unknown&said=47031069887385745714&auct=1&grdc=CAE.&r=;ord=856553;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Frame ID: 66C91B28127B3292F99335019346EB87
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 0203CADD3314BFBC6633F252D00370D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 045166910B2EEFE1AC6D299DBBF5CB28
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 7B085D88920585A1C44DE93A5DE99353
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/10507625/1618583823539/index.html
Frame ID: CB659CBAB31C0411FD8BC3B909A3364B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 53740E86E7994F6B8A626632EB8AD0A5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 4DB0DBA2C9B3216ECC89D63762F39EE6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 07D95E40FFD6CAA57BD64D75B26FB301
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10507625/1618587959786/index.html
Frame ID: CFF8104E03CFDF9CF4F6DA84E15D6B98
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E6ABFC68E77761027B204ABFE879BC7A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10507625/1618587295327/index.html
Frame ID: B31C558DCDD3B39A8C305F5410970CF5
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 5C5B133D066606F4C1B76393714F92E4
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 967ADE094D79DFAE52148C8B9BF89DF0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: D7FAEFB3310DF9A920D586EE4F23639F
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 2DC964C6BF524E097F14D1469DADAE64
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Frame ID: 3D2D285141864704F1A9AF17A029B6BC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Frame ID: C53D5626F10955091D41E2CB95FCD611
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 5460403CE653CD1EDC1F5C505AC0BFEF
Requests: 2 HTTP requests in this frame

Frame: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42A5230EDC2137D14BD02E4A53E4DD28
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E5820FE4C2171422E37C8E93B79B4C6C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 269A5D7365B03B42E5323E5E85F0F7E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10507625/1618583823539/index.html
Frame ID: 5EB2B5EFD3B0B5D7AC42026858B8397E
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: C515DA4913E19DC4DB4784848741E7D5
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: AAA15EE142C1976C5A06C1EAD997C0CC
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 5D1F8BB9CB549CE3DD85E5B595405444
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1... HTTP 307
    http://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-ch... HTTP 301
    https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-ch... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i

Page Statistics

569
Requests

95 %
HTTPS

27 %
IPv6

91
Domains

167
Subdomains

115
IPs

11
Countries

6280 kB
Transfer

17627 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1?_ud=eefe7e11-873c-4c6a-a4c5-6e942189913d&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    http://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY HTTP 301
    https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://swa.and.co.uk/b/ss/anddailymailprod/1/JS-2.9.0/s7629744927734?AQB=1&ndh=1&pf=1&t=1%2F4%2F2021%2013%3A19%3A31%206%20-120&fid=21DC4F9A0E73AD26-001EDA252ED12630&ce=iso-8859-1&ns=associatednorthcliffedigital&cdp=3&pageName=%2Fwires%2Freuters%2Farticle&g=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9ri&c.&gunther=17.14.0&fesbv=5.13.0&feabv=6.19.2&vbv=6.12.0&tag=fe_desktop_default&pushNotificationStatus=not_supported&.c&ch=dailymail.co.uk&events=event108%2Cevent2%2Cevent25&c1=%2Fwires&v1=D%3Dc1&c2=%2Fwires%2Freuters&v2=D%3Dc2&h2=dailymail.co.uk%2Fwires%2Freuters&c4=article&v4=D%3Dc4&c5=after%20masked%20bunnies%2C%20belgian%20artisan%20shifts%20to...&v5=D%3Dc5&c6=9529785&v6=D%3Dc6&c11=Logged%20Out&v11=D%3DpageName&v12=D%3Dch&c13=%2Fwires%2Freuters%2Farticle&c14=New&v14=New&c15=%2Fwires%2Freuters%2Farticle&v21=D%3Dc23&v22=D%3Dc24&c23=2021-04-30&v23=D%3Dc25&c24=14&c25=Reuters&v25=D%3Dc27&v26=D%3Dc28&c27=2021-05-01&v27=D%3Dc29&c28=13&c29=direct&v29=D%3Dc31&v30=D%3Dc32&c31=%2Fnews%2Farticle&c32=%2Fnews%2Farticle&v33=D%3Dc39&c37=DE&c39=%2Fnews%2Farticle&c44=D%3Dg&c46=17.14.0&c47=adBlocker%20off&v49=%21-%21EXT%21-%21&v50=D%3Dg&c51=Clicked%20a%20link%20or%20entered%20a%20URL&c53=%2Fnews%5E%2Fnews%5Earticle&v54=NoInstart&c57=66603209&v57=D%3Dc57&v58=Guest&c59=1%5E1%5E1&v59=D%3Dc59&c65=Desktop&v65=Desktop&v67=112c5d16-59e2-4762-8900-c7ca93a9a712&v70=c&v96=77%3A0%3A9%3A7%3A9%3A26%3A26&v105=wv%3D1%2Cco%3D0%2Cdk%3D1%2Cdv%3D1%2Chu%3D0%2Cnz%3D1%2Cdw%3D1%2Cwb%3D1%2Cwi%3D1%2Cfr%3D1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=aXtTAzFY1mFyyY&AQE=1 HTTP 302
  • https://sb.scorecardresearch.com/r?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=2865316298&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY HTTP 302
  • https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=2865316298&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Request Chain 27
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10 HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
Request Chain 35
  • https://js.spotx.tv/directsdk/v1/234272.js HTTP 307
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Request Chain 75
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e0d54306-3599-429e-b3bb-4b149e7b7685
Request Chain 103
  • https://pr-bh.ybp.yahoo.com/sync/appnexusprebidserver/?gdpr=0&euconsent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-lh7t3gBE2pGNDwUsmalbpwx2QnlJrzq_q.cJeOdpNCV6wV8nf0Iuqww-~A
Request Chain 137
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Request Chain 141
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e0d54306-3599-429e-b3bb-4b149e7b7685&ssp=themediagrid&gdpr=&gdpr_consent=
Request Chain 143
  • https://ssum.casalemedia.com/usermatchredir?s=185638&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=185638&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
  • https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YI05SprvzqpCTpf4L7IojAAA%261129
Request Chain 159
  • https://sync.search.spotxchange.com/partner?source=dados HTTP 302
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=1f4dd82d-aa6f-11eb-b052-141484330306
Request Chain 173
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Request Chain 174
  • https://id5-sync.com/i/167/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/167/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8irmiLFZjAFqkZYWTZGrgBR0Qx7wmfW-ao4qmA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8irmiLFZjAFqkZYWTZGrgBR0Qx7wmfW-ao4qmA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/167/124/8/2.gif?puid=e0fd4052-3b4c-4a2c-8e36-a1800f204f7c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEEM34v3hcJ3EwvchDj39cTs&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEM34v3hcJ3EwvchDj39cTs%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5021937871024251783&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJVbNgQomt-hBpfEtnBYZ0A&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 212
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NjI3MTk4MDIwMTE4NDI2NzQ%3D
Request Chain 214
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/7090362206620479910?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-SSkaeQRE2oTp30Yjdj4aBr8bCHxGGebCs3t6YBug1g--~A&dongle=0883
Request Chain 215
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5113621828939330411&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 216
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7090362206620479910 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7090362206620479910&dcc=t
Request Chain 217
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 222
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4fc5608d-394c-4f00-9cc6-c44e6fdb818a
Request Chain 223
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=o7z_g6a18te4vvXSpe_q16bqpYS4vfWBp7xyMEHl
Request Chain 224
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=760253858157091964
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9OggHmZDC3VSI-QVDg3jE&google_cver=1
Request Chain 237
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05SprvzqpCTpf4L7IojAAABGkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05SprvzqpCTpf4L7IojAAABGkAAAIB&dcc=t
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YI05SprvzqpCTpf4L7IojAAABGkAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
Request Chain 240
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI05Tai0YTdwuhMqzashnwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
Request Chain 241
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I2o77CJU1LCNEY5&gdpr=1
Request Chain 242
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YI05SprvzqpCTpf4L7IojAAABGkAAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YI05SprvzqpCTpf4L7IojAAABGkAAAIB
Request Chain 246
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a&tbid=2a418ab0-9597-455e-85ca-e4d1d3d7c720-tuct786bed4&query=taboola_hm%3Da1d46c6f-852e-4eeb-a07f-59024c7f124a&isDirect=0
Request Chain 250
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=MKe92sI80Q40&ev=1&orig=trc&pid=562107
Request Chain 251
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=5113621828939330411&orig=trc
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENeKtTCG4Ox7dyc4Da72zYk&google_cver=1
Request Chain 254
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b3dc73dd-82cc-4e44-a376-17276b5c591d-tuct786bed0
Request Chain 255
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
Request Chain 256
  • https://ce.lijit.com/merge?pid=42&3pid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 260
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a2e71bfd-f4e9-43f6-9a59-3d5b2592bbe2
Request Chain 261
  • https://id5-sync.com/s/464/9.gif?puid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8irmiLFZjAFqkZYWTZGrgBR0Qx7wmfW-ao4qmA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e0fd4052-3b4c-4a2c-8e36-a1800f204f7c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEEM34v3hcJ3EwvchDj39cTs&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5021937871024251783&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
Request Chain 262
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=yjOUiyA_AG-mUnMtUjmNYA
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=c175ecff-85d2-414d-bb25-dd2a01795253&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=c175ecff-85d2-414d-bb25-dd2a01795253 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c175ecff-85d2-414d-bb25-dd2a01795253
Request Chain 278
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8261619582308977356
Request Chain 279
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzG8FL9pT5uoibMbCu7IYg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 283
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5731BC14-BF69-4F9B-A889-B31B0AEEC862&gdpr= HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5731BC14-BF69-4F9B-A889-B31B0AEEC862&addseg=20
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTczMUJDMTQtQkY2OS00RjlCLUE4ODktQjMxQjBBRUVDODYy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdU4_TqDP4IN-wjMgT7zgw&google_cver=1
Request Chain 287
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=760253858157091964
Request Chain 288
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
Request Chain 289
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=0&gdpr_consent=
Request Chain 290
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5113621828939330411&gdpr=0&gdpr_consent=
Request Chain 297
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F4KTGA75PCDVZYDENATBA45A&persistence=1&checksum=90eec0b33bf5f6ee6d02cb00b31e5a6504775f86afaaf424638cda8d9b5e98c9
Request Chain 299
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI05Tai0YTdwuhMqzashnwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YI05Tai0YTdwuhMqzashnwAABLsAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
Request Chain 301
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05Tai0YTdwuhMqzashnwAABLsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05Tai0YTdwuhMqzashnwAABLsAAAIB&dcc=t
Request Chain 305
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619954385&gdpr=1
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=1&gdpr_consent=
Request Chain 325
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4071877197420028967
Request Chain 329
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 340
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=27fbb4d7-e69f-42dd-9a86-35b8153e5be6&_origin=1&gdpr=1&gdpr_consent=
Request Chain 341
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YI05YgAAlzj4vABg HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YI05YgAAlzj4vABg&_origin=0&gdpr=0&gdpr_consent=&_test=YI05YgAAlzj4vABg
Request Chain 342
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP255d5fba-aa6f-11eb-b769-06bc59bb0262 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyNTVkNWZiYS1hYTZmLTExZWItYjc2OS0wNmJjNTliYjAyNjI%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEHQ3GdW8qmI0dKx2EFXztGY&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHQ3GdW8qmI0dKx2EFXztGY&google_cver=1&apid=UP255d5fba-aa6f-11eb-b769-06bc59bb0262
Request Chain 358
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255735/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2F&adsafe_type=f&adsafe_jsinfo=,id:c10c72a7-e44e-d8af-4335-c404198b1ab4,c:bmFjHk,sl:inView,em:true,fr:true,mn:app29ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:2705,oid:20b114f0-aa6f-11eb-bf0b-0ae27972a930,v:19.8.193,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 366
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
Request Chain 370
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
Request Chain 375
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255739/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2F&adsafe_type=f&adsafe_jsinfo=,id:e70309e0-8a7e-49c2-a4ea-5541c650451a,c:bmFjR1,sl:outOfView,em:true,fr:true,mn:app30ie,pt:1-5-15,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sw9OZH5+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:760,oid:22ed70d9-aa6f-11eb-a1fb-02f1c4264b70,v:19.8.193,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 432
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 433
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 478
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=346f2ce5716e8691c2f444fe9f452e3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g012_6957280066657596187 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzQ2ZjJjZTU3MTZlODY5MWMyZjQ0NGZlOWY0NTJlMw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEF6l4Gw9bqkytejGEgzPHp8&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=cb0ca920-be8d-4fda-a8b2-10d2cf45a776 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5021937871024251783 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/346f2ce5716e8691c2f444fe9f452e3&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-016qrjFE2oOFll0zSfaK04ixtkw0l7tePPKzkqnR~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5f53608d-395c-4500-9349-6a37a92431a1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=7470794973695831336 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Request Chain 481
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255737/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2F&adsafe_type=f&adsafe_jsinfo=,id:21fe866f-b41f-0d2a-f0c6-94cb26e2c055,c:bmFlFd,sl:outOfView,em:true,fr:true,mn:app39ie,pt:1-5-15,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sw9P0xY+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l*.697509-54255737%7C1l1%7C1l2%7C1m1%7C1m2%7C1n1%7C1o1%7C1p%7C1q,idMap:1l*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:4461,oid:244beeff-aa6f-11eb-b09d-06d058ac3535,v:19.8.193,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 483
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255737/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2F&adsafe_type=f&adsafe_jsinfo=,id:9dbd8fe8-624e-3760-449a-896d372383a9,c:bmFlGu,sl:outOfView,em:true,fr:true,mn:app02ie,pt:1-5-15,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sw9P0zw+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1m*.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p%7C1q,idMap:1m*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:4421,oid:24776c39-aa6f-11eb-a874-02c790015d1e,v:19.8.193,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 487
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzQ2ZjJjZTU3MTZlODY5MWMyZjQ0NGZlOWY0NTJlMw==&gdpr=0&gdpr_consent=
Request Chain 488
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=346f2ce5716e8691c2f444fe9f452e3&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 538
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255739/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fda99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fda99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2abcb8f8-181a-a593-24bc-07954336f60b,c:bmFmIN,sl:na,em:true,fr:false,mn:app01ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:grpm1,nbld:0,fm:sw9P2DN+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C191%7C192%7C193%7C194%7C1a1%7C1a21%7C1a22%7C1a23%7C1a24%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1l2%7C1l3%7C1l4%7C1m1%7C1n1%7C1o%7C1p*.697509-54255739%7C1p1%7C1p2%7C1p3,idMap:1p*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,thd:1,et:455,oid:29f250b0-aa6f-11eb-aa3a-06d8cca89c2a,v:19.8.193,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 542
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB0P5TxaAsegzNeNdHnrie8&google_cver=1&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7E6K28PsA2Q HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB0P5TxaAsegzNeNdHnrie8&google_cver=1&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7E6K28PsA2Q HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8900ad02-3f4c-4133-8f87-590532b54f1a&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7E6K28PsA2Q&google_hm=O6BjqweDRJ68kDYo21doyw==
Request Chain 543
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxpQ4PSDoO0KXVORUoYeJg&google_cver=1&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90AbW-UWwCysFS-Xr-wBFSwySDrQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPxpQ4PSDoO0KXVORUoYeJg&google_cver=1&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90AbW-UWwCysFS-Xr-wBFSwySDrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1ODkzNDExNTQ0NzU2NjQ5MQ&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90AbW-UWwCysFS-Xr-wBFSwySDrQ
Request Chain 544
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG8h4PxpybYY4CDhBDlZ0AE&google_cver=1&google_push=AQvitUJC-3-qbw17-IdA1pKORRaxgo5EB2IwYI038VJiyWVmXTEVxvMHgLWtJOFVsLzXzNKzrUq4eVbj2SE6ECemEo6OvjjiH-wjCQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081TktYMzAtMS1COElX&google_push=AQvitUJC-3-qbw17-IdA1pKORRaxgo5EB2IwYI038VJiyWVmXTEVxvMHgLWtJOFVsLzXzNKzrUq4eVbj2SE6ECemEo6OvjjiH-wjCQ
Request Chain 546
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEvTDShifYyjmVZEokX6Mww&google_cver=1&google_push=AQvitUJ4t5EsOe-8Rn8noe6_tVAmiqpozJGvb4ZE9gnkWk-xrfrKn2rWbeisbBdBqd_AqCLxWdf5YBrYvB2VtuEv7xEn1FwfnpEM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&mn_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ4t5EsOe-8Rn8noe6_tVAmiqpozJGvb4ZE9gnkWk-xrfrKn2rWbeisbBdBqd_AqCLxWdf5YBrYvB2VtuEv7xEn1FwfnpEM

569 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b445c83161b602511d65aff8f29308c3e90187bfe5b9b7f0d1844d399e75cfe

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d9d05ba8e51e0695cc891ace5e34e89921619867970; expires=Mon, 31-May-21 11:19:30 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=025ead851bf1a4db073684f8e4526ca82eec3c8a-1619867970; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
64889d7d1c494c19-AMS
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
09c940c22d00004c19c59ff000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
db12e088-895e-4ed1-91e0-86ce09da2caa
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2B4BZyBOXyYsQW7jbfe5M9NkZYsdzpqTLYotl59qr5iHtPoLoM3%2F%2BOMRSfYpg1QXy0%2F%2BblU5CNklDJoxRo7M%2Be8RmaqF8v6aOdUS4Vzj2hmTC6be9Q%3D%3D"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html
www.dailymail.co.uk/wires/reuters/article-9529785/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tq...
  • http://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJ...
  • https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmi...
290 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cac02a41a2bf9640f0589a7172a8ba71ce49e15446c46898b1161f89f71f0006

Request headers

:method
GET
:authority
www.dailymail.co.uk
:scheme
https
:path
/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
x-loc=none
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1

Response headers

content-type
text/html;charset=UTF-8
set-cookie
x-loc=none; path=/ percent=853451;Max-Age=31536000;path=/;HttpOnly;Secure ak_bmsc=5BBE87B0E04B2B98BE0A61929469805B0210BABF841B000042398D60C115DD4F~plP3GrRO8uZ9v6pqUAyi5PcAuO1CHaAee4RTIil2M9EkLrOMiqh8tjBg+uGOOVqAoAHZaosxFbGvDgT3WqBeGFFdtE3usQVSCxIuNjV1Gr3eBZLOkr/O3fE56AblKOTaEiDclYcK9S/x3cCDoZbNHB8CfFL3GKvc17SEE6R0YlQ5CW2O0MdeteJidFp4CnscT7DZo/s0M+0Qp2g/34Cq01K2kST3Vp1a7zdewCrUBq5v3R07kvvJ3oa3QOF78IG5Pz; expires=Sat, 01 May 2021 13:19:30 GMT; max-age=7200; path=/; domain=.dailymail.co.uk; HttpOnly AKA_A2=A; expires=Sat, 01-May-2021 12:19:30 GMT; path=/; domain=dailymail.co.uk; secure; HttpOnly
x-rs-ctime
240
vary
User-Agent Accept-Encoding
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
server-timing
origin; dur=81 edge; dur=45 cdn-cache; desc=REVALIDATE
x-mol-georesp
de
x-rs-ben-time
Sat, 01 May 2021 11-19-30 GMT
x-rs-time
Sat, 01 May 2021 11-19-29 GMT
x-rs-ops
varnish6-web-a2-fe:6081
x-rs-ben
cljfe-a8:8181
x-storage
newarticles
x-akamai-transformed
9 292784 0 pmb=mRUM,2
content-encoding
gzip
cache-control
max-age=38
date
Sat, 01 May 2021 11:19:30 GMT

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Date
Sat, 01 May 2021 11:19:30 GMT
Connection
keep-alive
Set-Cookie
x-loc=none; path=/
Server-Timing
cdn-cache; desc=HIT edge; dur=1
Vary
User-Agent
mol-adverts.desktop.css
scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.desktop.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
965d8f580475533a5f086cc3d84c5b50b3dde5cde78959fb2a1261bcbc8e34e7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 15:34:52 GMT
server
AkamaiNetStorage
etag
"659e2fb774fd0323aee23346eb0cae21:1619537692.295548"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
6040
expires
Mon, 31 May 2021 11:19:30 GMT
articleDefer.css
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/ 		337 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d4e19725f2267ea85db18c1072e6cad9ce5e3de2ca1184e3c780d415abba9e4f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 08:22:58 GMT
server
AkamaiNetStorage
etag
"e5ef61c96ede54ae29497f0762e65729:1617178978.300287"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 31 May 2021 11:19:30 GMT
registration--.css
scripts.dailymail.co.uk/static/gunther/17.13.0/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/gunther/17.13.0/registration--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
03482ceb4519a7706406f47e5992b55e9e5974abd56c45af482a7e1a09d836e6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Fri, 26 Jun 2020 09:40:48 GMT
server
AkamaiNetStorage
etag
"1d7a19f1f78591a33d5ec97dd91f96b4:1593164448.110325"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5639
expires
Mon, 31 May 2021 11:19:30 GMT
desktop.css
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/ 		152 KB
95 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
dbc991c489fc2146df3283bc340a50f0565f10b26228478611eb01846d4d66b1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 09:30:34 GMT
server
AkamaiNetStorage
etag
"f8c7e56aabc09dedf798651fd60066b9:1617874234.578618"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 31 May 2021 11:19:30 GMT
all--.css
scripts.dailymail.co.uk/static/gunther/17.14.0/ 		267 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/gunther/17.14.0/all--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d43ac5826a74f4e5dcd9435aabe994b89a7e2030babd441463c621e96eec0375

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Fri, 17 Jul 2020 15:49:15 GMT
server
AkamaiNetStorage
etag
"e391873d0754fa60110c5299203d6f76:1595000955.065137"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43619
expires
Mon, 31 May 2021 11:19:30 GMT
all1--.css
scripts.dailymail.co.uk/static/gunther/17.14.0/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/gunther/17.14.0/all1--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
62e5b5020499d0dbd26922152f199b559ee4922d9132b4242364edf88dc63121

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Fri, 17 Jul 2020 15:49:25 GMT
server
AkamaiNetStorage
etag
"2456679cc8c0c996054aec3c292d82d0:1595000965.438073"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
11487
expires
Mon, 31 May 2021 11:19:30 GMT
rc-main--.css
scripts.dailymail.co.uk/static/gunther/17.14.0/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/gunther/17.14.0/rc-main--.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ee80e2de5c026fa3c0786f587eed85d1521d50ba1aba027c2b0714c108c351a6

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Fri, 17 Jul 2020 15:49:16 GMT
server
AkamaiNetStorage
etag
"02c739164733a3164294a8737f313c36:1595000956.467317"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
4951
expires
Mon, 31 May 2021 11:19:30 GMT
fff.css
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/styles/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/styles/fff.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
01ae4bee7f4b463778e1e929d83b4eedcaf598d05ae8e748030259b5b5f0b083

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 08:04:24 GMT
server
AkamaiNetStorage
etag
"cf69bb0d655c656383a84adc6fe705c6:1618214664.055212"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
8947
expires
Mon, 31 May 2021 11:19:30 GMT
v-0.58.min.js
scripts.dailymail.co.uk/rta2/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/rta2/v-0.58.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
08cbadc6957dd17b23964ba5763146e595ce4be96dbbb12f297909b1f70eff25

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 15:24:25 GMT
server
AkamaiNetStorage
etag
"e29ae5b09b7c2666dc21de1c945df71c:1610033065.33783"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
5798
expires
Mon, 31 May 2021 11:19:30 GMT
desktop.js
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/ 		369 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
991cd2d69556d771f42364f7b0f3c31c26839438d4be4ee7daa286ba6d5aa921

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 09:30:40 GMT
server
AkamaiNetStorage
etag
"a06e89a3c11b2300d404940e6f6220e2:1617874240.575002"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 31 May 2021 11:19:30 GMT
mol-adverts.js
scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/ 		1 MB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5cfa26c3b2245921ed8900f3d9345c0ea6fd41f31f6322811ecc8ac86569d635

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 15:34:54 GMT
server
AkamaiNetStorage
etag
"19a6061c6ba104ca6a57b422d6bc7fb1:1619537694.88442"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 31 May 2021 11:19:30 GMT
articleDefer.js
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.19.2/ 		520 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle//6.19.2/articleDefer.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ce03ad949eaf22f8146d090a7491cbd5130e48b064467fa71b8099675d5b9c7a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:31 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 08:22:49 GMT
server
AkamaiNetStorage
etag
"a6945714be7ce0a2c93187d1db1a67f9:1617178969.402267"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 31 May 2021 11:19:31 GMT
async_bundle--.js
scripts.dailymail.co.uk/static/gunther/17.14.0/ 		328 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/gunther/17.14.0/async_bundle--.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0c7912ff68380c2a84d28cf812215fb6d230d5750f9f67b328970e01d0da5a37

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:31 GMT
content-encoding
gzip
last-modified
Fri, 17 Jul 2020 15:49:20 GMT
server
AkamaiNetStorage
etag
"0620d2935cb03d1451a72e524963ba2d:1595000960.633166"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 31 May 2021 11:19:31 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:33 GMT
mol-fe-videoplayer.min.css
scripts.dailymail.co.uk/static/videoplayer/6.12.0/styles/ 		90 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/styles/mol-fe-videoplayer.min.css
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c64308e6ed3ab4dc8c78868174040d8d09546ea9e6ab19682285a675897edc98

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:30 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 10:11:19 GMT
server
AkamaiNetStorage
etag
"62426632e135cbbb9a89d534c68e342c:1608199879.200558"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
12709
expires
Mon, 31 May 2021 11:19:30 GMT
mol-fe-videoplayer.min.js
scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/ 		449 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
aedf94ad839f3db31848e2b9659dd2b576b7047ea6638988aacfd782df9d8c8c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
last-modified
Thu, 17 Dec 2020 10:11:17 GMT
server
AkamaiNetStorage
etag
"bee78577ce805b4bf5f249774d50c953:1608199877.465708"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Mon, 31 May 2021 11:19:33 GMT
logo_mol.gif
i.dailymail.co.uk/i/sitelogos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/sitelogos/logo_mol.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f17cf1cb73dc13f928ef0122375fe550926a471e46d614199bfe8ef69733437a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
last-modified
Tue, 09 Dec 2008 12:49:57 GMT
server
AkamaiNetStorage
etag
"258fb3209febe558120d7d564d7422b1:1228827055"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3918
expires
Mon, 31 May 2021 11:19:33 GMT
DailyMail.png
i.dailymail.co.uk/i/furniture/facebook/DailyMail/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/facebook/DailyMail/DailyMail.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
95d607220b1d2e7808de3ec9a6381a11f036d9d84f37f7b3a604b1f91e8d4ecd

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
last-modified
Sun, 18 Apr 2021 23:36:35 GMT
server
AkamaiNetStorage
etag
"09d22b22b538f13d1ee0d26ef5bb711d:1618788995.184239"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2604
expires
Mon, 31 May 2021 11:19:33 GMT
btn_ipadapp_5_308x111.png
i.dailymail.co.uk/i/pix//promoboxes/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix//promoboxes/btn_ipadapp_5_308x111.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5e8aeb859e55a6671b89115d84e0fd7e5435ea99b3b49e7ebd3d4c22e41185e8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
last-modified
Thu, 21 Apr 2011 16:49:47 GMT
server
AkamaiNetStorage
etag
"8bf2dc1c1ea05fc41fb7410b396a1bb6:1303404587"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
38475
expires
Mon, 31 May 2021 11:19:33 GMT
fff.js
scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/scripts/ 		119 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/scripts/fff.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
835f1dfc4109c578b77ba1b24a70cf3c07e73440aa65a94c329c29f763423bc5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 08:04:25 GMT
server
AkamaiNetStorage
etag
"eea372bce8ac8e188267c4751ef1d05a:1618214665.536042"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
40433
expires
Mon, 31 May 2021 11:19:34 GMT
logo_cookie_reg.png
i.dailymail.co.uk/i/furniture/misc/ 		189 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/misc/logo_cookie_reg.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
2f59ac8dad7d832c75edc7cf917c512a3788d03ce0862b38c1bfccc54eb01d10

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
last-modified
Mon, 06 Nov 2017 11:54:00 GMT
server
Apache
etag
"2c776973168421488cd8ba0f131ef7f4:1509969240"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
189
expires
Mon, 31 May 2021 11:19:33 GMT
door.js
uk-script.dotmetrics.net/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.dailymail.co.uk&t=dmgt
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
55ac332dc42d47f18809130ee91be50fa5c4fe29a36b93de55f0293ba6dff416

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
AMS1-C1
etag
".www.dailymail.co.uk.dmgt.181.2021050111"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
PoxxikVlaY_VWPDIWOVV1fZ9ZmsoQDScfJgrKuxb928Rx-Hrd1isdA==
sa
ted.dailymail.co.uk/s/ 		232 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6cd3e57958fff1231b06f2b4db548a9be8702477debe8aed33fbb0329e75cb30

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 01 May 2021 11:19:31 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sat, 01 May 2021 11:19:31 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
232
x-rs-ops
rta2-rufus-a2-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		233 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf2c60e78ef72d44ad6f2f6aaf2f88dd75bb63e8f5d0f09e9e56683bb7a1c943

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 01 May 2021 11:19:31 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sat, 01 May 2021 11:19:31 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
233
x-rs-ops
rta2-rufus-c2-fe.rdg.mol.dmgt.net:8180
r2
sb.scorecardresearch.com/
Redirect Chain
  • https://swa.and.co.uk/b/ss/anddailymailprod/1/JS-2.9.0/s7629744927734?AQB=1&ndh=1&pf=1&t=1%2F4%2F2021%2013%3A19%3A31%206%20-120&fid=21DC4F9A0E73AD26-001EDA252ED12630&ce=iso-8859-1&ns=associatednort...
  • https://sb.scorecardresearch.com/r?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=2865316298&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-B...
  • https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=2865316298&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-...
48 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=2865316298&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-70.mad50.r.cloudfront.net
Software
/
Resource Hash
ee403944cf9c0065eee14f507f8eb887d8e333c8627d7347e137380f46a88938

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
via
1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"30-K3w/+rPqfRuZ+eZGax9xsuNr3hM"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
48
x-amz-cf-id
nzsLEQiP5ErqUDhhCtHgabLVen49CyRWH0RMpwOC1ZlJQUuB4IY5Wg==

Redirect headers

date
Sat, 01 May 2021 11:19:34 GMT
via
1.1 d8c266ed74a4ecc05eeffe79fa473f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/r2?c2=6034964&d.c=gif&d.o=anddailymailprod&d.x=2865316298&d.t=page&d.u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
content-length
417
x-amz-cf-id
Y3I5ul3sGApjITJYyzM1rS7Uoy-LoVlTBPwadGYUL-Il2CKMHkGQPg==
register.js
hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hulkprod.anm.co.uk/api/web-push-notification/v1/static/latest/mol-fe-web-push-browser-register/register.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c3cce7c2373fc4acb18cddf35cb7c8b28fea5e8ba592c520168c79a05cdb7b4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rs-ops
mol-fe-web-push-notification-a6-fe:8080
date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
content-length
11706
service-worker-allowed
/
expires
Sat, 01 May 2021 11:19:33 GMT
sync
sync.sxp.smartclip.net/
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
42 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.183.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
nginx/1.17.6
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
42

Redirect headers

Date
Sat, 01 May 2021 11:19:32 GMT
Server
nginx/1.17.6
Location
https://sync.sxp.smartclip.net/sync?type=red&dsp=10&ang_testid=1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
edgedata.html
www.dailymail.co.uk/geo/ 		785 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/geo/edgedata.html
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dfb749c8597c2c8686580548520a1575a8026ed3efda320792bc9f5bc8cd246a

Request headers

:path
/geo/edgedata.html
pragma
no-cache
cookie
x-loc=none; AKA_A2=A; percent=853451; ak_bmsc=5BBE87B0E04B2B98BE0A61929469805B0210BABF841B000042398D60C115DD4F~plP3GrRO8uZ9v6pqUAyi5PcAuO1CHaAee4RTIil2M9EkLrOMiqh8tjBg+uGOOVqAoAHZaosxFbGvDgT3WqBeGFFdtE3usQVSCxIuNjV1Gr3eBZLOkr/O3fE56AblKOTaEiDclYcK9S/x3cCDoZbNHB8CfFL3GKvc17SEE6R0YlQ5CW2O0MdeteJidFp4CnscT7DZo/s0M+0Qp2g/34Cq01K2kST3Vp1a7zdewCrUBq5v3R07kvvJ3oa3QOF78IG5Pz; dm_clientsegment=c; mol-fe-segmentation.data={%22segments%22:{%22a%22:{%22weight%22:10}%2C%22b%22:{%22weight%22:10}%2C%22c%22:{%22weight%22:80}}%2C%22shuffleNumber%22:2%2C%22defaultSegment%22:%22default%22}; ruid=%7B%22ted.dailymail.co.uk%22%3A%7B%22chid%22%3A%22ko5nkdy4-ra3lyoc3j68-b9uwv42hryg%22%2C%22l%22%3A%22274%3A1619827200000%3A11268972120%22%2C%22__mou%22%3A%224680454938%3Adirect%3A1619867971272%3Ag2nmv%3A1%22%2C%22__mov%22%3A%2211268972120.direct%5Earticle%5Enews%5E.1.1619867971272.1619867971272%22%2C%22phid%22%3A%22view-ko5nkdy4-ra3lyoc3j68-b9uwv42hryg%22%7D%2C%22t.dailymail.co.uk%22%3A%7B%22chid%22%3A%22ko5nkdy4-ra3lyoc3j68-b9uwv42hryg%22%2C%22l%22%3A%22274%3A1619827200000%3A35319508339%22%2C%22__mou%22%3A%2220331600975%3Adirect%3A1619867971279%3Ag2nmv%3A1%22%2C%22__mov%22%3A%2235319508339.direct%5Earticle%5Enews%5E.1.1619867971279.1619867971279%22%2C%22phid%22%3A%22view-ko5nkdy4-ra3lyoc3j68-b9uwv42hryg%22%7D%2C%22%2F%22%3A%7B%22dd%22%3A23806%7D%2C%22v%22%3A0.58%7D; s_pers=%20s_pn2_v15%3D%252Fnews%252Farticle%7C1619869771126%3B%20s_vmonthnum%3D1622498399180%2526vn%253D1%7C1622498399175%3B%20s_vweeknum%3D1619906399192%2526vn%253D1%7C1619906399189%3B%20s_vdaynum%3D1619906399202%2526vn%253D1%7C1619906399201%3B%20s_fid%3D21DC4F9A0E73AD26-001EDA252ED12630%7C1777634371642%3B%20s_nr_v15%3D1619867971646%7C1622459971646%3B%20s_c39_v15%3D%252Fnews%252Farticle%7C1619869771673%3B%20gpv_c1%3D%252Fwires%7C1619869771740%3B%20gpv_c2%3D%252Fwires%252Freuters%7C1619869771744%3B%20gpv_c4%3Darticle%7C1619869771746%3B%20s_monthinvisit%3Dtrue%7C1619869771750%3B%20s_mweekinvisit%3Dtrue%7C1619869771761%3B%20s_dayinvisit%3Dtrue%7C1619869771766%3B; s_sess=%20s_pn_v15%3D%252Fnews%252Farticle%3B%20s_visit_v15%3D1%3B%20s_cc%3Dtrue%3B; bm_sv=7423719DEE1E73C1A86F6715A23D7583~N7G7nC5D4I3BgP+s72joo2Zx4k21hhMZx8deK85ERn/UKWILi79e2dUp/2dAK7G2d6n/Rh5dmAXfg4nSjtttjmbZsALINBX6z5eN+1a9lwbs+BK8E1tXf+fp4nKsKMFMZn7eiQ2M9kThvHGhMPDxdndwJ2HFVjjoHk8TD+DW3Dc=; _pubcid=4680454938; _gd1619867972172=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.dailymail.co.uk
referer
https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
:scheme
https
sec-fetch-site
same-origin
:method
GET
pragma
no-cache
cache-control
no-cache
Referer
https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:32 GMT
vary
User-Agent
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
content-type
text/html
cache-control
max-age=842
server-timing
edge; dur=1 cdn-cache; desc=HIT
set-cookie
x-loc=none; path=/ bm_sv=7423719DEE1E73C1A86F6715A23D7583~N7G7nC5D4I3BgP+s72joo2Zx4k21hhMZx8deK85ERn/UKWILi79e2dUp/2dAK7G2d6n/Rh5dmAXfg4nSjtttjmbZsALINBX6z5eN+1a9lwbH/aWQCHkx4gnPbOnNE2Njd9DjkmJ1ZxeBEN5Ovg0gqMFlGH9HsI33gB1YWjbkC54=; Domain=.dailymail.co.uk; Path=/; Max-Age=7199; HttpOnly
content-length
785
x-akamai-transformed
9 785 0 pmb=mRUM,2
gpt.js
www.googletagservices.com/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"858 / 168 of 1000 / last-modified: 1619820605"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21191
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:33 GMT
launcher.js
sak.userreport.com/mol/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sak.userreport.com/mol/launcher.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:d000:8:5c85:cdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a2d04bb04d52ca53c1aaf2f8de8574e929f1136e08c828f36bfe0b03d588835

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
I0zZ8fJjlbBdpU31WSxSwsQh_njKJ8CZ
Content-Encoding
br
ETag
W/"6d509bc807890482e7742fa12a3fdc85"
Age
59
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 16 Nov 2020 11:54:59 GMT
Server
AmazonS3
Date
Sat, 01 May 2021 11:18:42 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)
Cache-Control
max-age=7200, s-maxage=60
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
nOHP6mzQPRUMrS_HzOP7pFN8k9VcG8w8dL9ELolWS8Hy75OLUp3Nbw==
pubcid.min.js
www.dailymail.co.uk/static/mol-adverts/demo/mol-21682/dist/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dailymail.co.uk/static/mol-adverts/demo/mol-21682/dist/pubcid.min.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586

Request headers

:path
/static/mol-adverts/demo/mol-21682/dist/pubcid.min.js
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; _pubcid=3e783b4a-2acd-4064-b1ff-774d8a481474; _gd1619867972583=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.dailymail.co.uk
referer
https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
content-encoding
br
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Sat, 13 Mar 2021 03:07:48 GMT
server
Akamai Resource Optimizer
etag
"c74b87c9a8cadd3463a338a08b3f2cf6:1603291730.298429"
vary
User-Agent
content-type
application/x-javascript
cache-control
max-age=661696
server-timing
cdn-cache; desc=HIT edge; dur=1
accept-ranges
bytes
timing-allow-origin
*
content-length
16091
expires
Sun, 09 May 2021 03:07:50 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 05:09:08 GMT
content-encoding
gzip
server
Server
age
22225
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
f1DEkIzLK2jZfnUeyaLzTDiAoT1mVV6M4_7Xofp1oAHiF-696mGFQA==
tfa.js
cdn.taboola.com/libtrc/unip/1125455/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1125455/tfa.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2c99319671e2e748cbd71c89d563843efc0cd38d9f300c6f7faac9ac8cdc427

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.d43hRMAmQVFwPeAlpWw6n9coerxkUT_
content-encoding
gzip
etag
"ae1c60bfeeed3b742b2e1dcf743046cb"
age
121
x-cache
HIT
x-amz-replication-status
PENDING
content-length
22267
x-amz-id-2
yv0hK9R+Ix44Al+lBCwoegxZfHMV0jUg7S7kcR9snMx7c6jAuZ2gwmup+qQ3mnAuyFUotSMf530=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 08:42:18 GMT
server
AmazonS3
x-timer
S1619867974.996866,VS0,VE1
date
Sat, 01 May 2021 11:19:33 GMT
vary
Accept-Encoding
x-amz-request-id
WMC6T9AD7NH4KRGE
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
86
x-cache-hits
1
adsm.macro.4111597d-dc70-4fd8-b25e-7d24d8423e73.js
macro.adnami.io/macro/spec/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/spec/adsm.macro.4111597d-dc70-4fd8-b25e-7d24d8423e73.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f951b4aefa28403632bfc068196aaf2051e44078527250c041ad4930d4e186

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 01 May 2021 11:19:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
BaNtzeZk591KUCHKDlyEXQ==
age
6481
content-disposition
cf-request-id
09c940d16900004e32cd99f000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 27 Nov 2020 15:55:08 GMT
server
cloudflare
etag
W/"0x8D892ECD0E071CB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
6864e227-801e-006e-0130-2da953000000
cache-control
public, max-age=14400
x-ms-version
2014-02-14
cf-ray
64889d9569444e32-FRA
expires
Sat, 01 May 2021 15:19:34 GMT
directsdk.js
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain
  • https://js.spotx.tv/directsdk/v1/234272.js
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
418 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-234.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d6fa7c39b1d5e288c739c3a225a90d0698798485d5b17c1350dc17925942b841

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Sep 2020 19:35:03 UTC
Server
nginx
Access-Control-Allow-Headers
ETag
7112a693437c5fad3aa28033ed1f53f1
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=100
Connection
keep-alive
Timing-Allow-Origin
*
X-SpotX-Build-Version
1.31.0-20200910.1910
Content-Length
157844

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:34 GMT
Last-Modified
Sat, 01 May 2021 11:19:34 UTC
Server
nginx
Location
//aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
128
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
klick-dailymail.js
storage.cloud.kargo.com/ad/network/klick/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b94472d780db3b45c0920bb2dbd0cb57660d80671491ada0ef15776f3de9e812

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S4lmeeHObFqS8xYQ_eDM32vJF.umlPRv
content-encoding
gzip
etag
"44e6b966c12b759049179f23810ace77"
x-amz-request-id
6FF7AA635055E7A7
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1627
x-amz-id-2
+U9XRWm0kKlPTmQYygke82470SYqVNKxZz/3D161phit4wWe6Ymz170HIrQVn/6zU7zUJm8plEE=
last-modified
Mon, 10 Jun 2019 14:32:31 GMT
server
AmazonS3
date
Sat, 01 May 2021 11:19:33 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
topVideos.json
secured.dailymail.co.uk/feeds/commercial/ 		149 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secured.dailymail.co.uk/feeds/commercial/topVideos.json
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7be7e1b14cfccb20bc6cf40de595e1a6ea0d925082b2fb3d432d130ad0981ed5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:32 GMT
Content-Encoding
gzip
x-rs-ben-time
Sat, 01 May 2021 11-16-15 GMT
Connection
keep-alive
Content-Length
43372
X-rs-ops
varnish6-web-c2-fe:6081
Access-Control-Allow-Headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, Authorization
x-rs-time
Sat, 01 May 2021 11-17-30 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=1800
Accept-Ranges
bytes
x-rs-ben
video-feed-c2:3000
x-storage
other
Expires
Sat, 01 May 2021 11:49:32 GMT
match
e.serverbid.com/udb/9969/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fpool%2Fset%2Fi.gif%3FpoolId%3D9969%26poolKey%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-length
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddb104bfc7f551e36f4e7f6dcc3f74ed535f9cafada05fb7a48020cc47dc097c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
29904
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
931
etag
W/"676-oGMkyetDKaJVfD7FjCOAQ8DN00U"
x-served-by
cache-fra19161-FRA, cache-hhn4058-HHN
date
Sat, 01 May 2021 11:19:32 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cookie_sync
prebid.adnxs.com/pbs/v1/ 		797 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
8c3d6f983cfa327c5bd72cf1758aad3f7a70f3e3895e0939c1f34c803377795a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		178 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
4c5529c7339c4bef0e8b52e56c609607600040a2d6423060c21075d58ded81e0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:33 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
178
Expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_billboard&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
766c30b8b4535c0c25d430cf10afeb425699c6b003f0d3d45114369e8879d633

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4977
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_20&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
d0da92d842a959802c464ac9dc02b288c5e51f990a9dc3a8a8e4b0c09537cb84

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_45&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
4fcc407303f5f8b69da23d51842e3cf7d137e13d93e54599ac667a8cb410d1aa

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4979
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_top&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
31f2b7d63be15672e28920924199ee7c45af9aaa0264b8f1bc967e924a89fb71

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4979
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_puff_15&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
7cd1fd9aae4554ff3bd0d292f979faafeffc87e4fa830d58f607549a9d5a5ea8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_leader_very_bottom&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
133b3bacacebea730035c2d4391408b8f728329ff8d30ad2ca1a31c13064ec34

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_sky_left_top&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
49c9828a7abac5e237aabb2f4af9c17f4f66f7b6446fc84cb7e8868f0fe8c829

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_sky_right_top&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
d22db0c10b025e174bf06ed9cf8f47795e69630e8226c3e0d4ba4b8b22546171

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		6 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=587732%3B587732%3B587734%3B587734%3B1102954%3B1102954%3B587746%3B587746%3B587754%3B587754&size_id=2%3B2%3B2%3B2%3B2%3B2%3B15%3B15%3B15%3B15&alt_size_ids=57%3B57%3B57%3B57%3B%3B%3B%3B%3B10%3B10&p_pos=atf%3Batf%3B%3B%3B%3B%3B%3B%3Batf%3Batf&eid_pubcid.org=3e783b4a-2acd-4064-b1ff-774d8a481474%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&tg_i.area=wires&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=84b5d903-fe84-4c49-bf70-14de3c78dfb2%3B84b5d903-fe84-4c49-bf70-14de3c78dfb2%3B162fe9c6-daf9-43b4-a828-358273e757b0%3B162fe9c6-daf9-43b4-a828-358273e757b0%3B1a1be986-8c8d-46a4-8fa6-bafba900f648%3B1a1be986-8c8d-46a4-8fa6-bafba900f648%3Ba3e664d3-927a-43b4-84b2-de35b91ad890%3Ba3e664d3-927a-43b4-84b2-de35b91ad890%3B8c15c4d5-5b45-4794-824b-77a18902b92d%3B8c15c4d5-5b45-4794-824b-77a18902b92d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=10&rand=0.11085767463183127
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1fb2f23d1d0c536c1c4b208a19d98a74329a20ebebed72cff7046393f16846ff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
2745
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=587760%3B587760%3B587764%3B587764%3B587782%3B587782%3B724806%3B724806%3B587784%3B587784&size_id=15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B9%3B9&alt_size_ids=10%3B10%3B%3B%3B%3B%3B10%3B10%3B8%2C10%3B8%2C10&p_pos=atf%3Batf%3B%3B%3B%3B%3Batf%3Batf%3Batf%3Batf&eid_pubcid.org=3e783b4a-2acd-4064-b1ff-774d8a481474%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&tg_i.area=wires&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=b3a5baeb-493b-4ade-8b54-2932dfccf735%3Bb3a5baeb-493b-4ade-8b54-2932dfccf735%3Bb849746b-35fc-4b23-8374-4088e79dbf07%3Bb849746b-35fc-4b23-8374-4088e79dbf07%3B868af501-d086-42c8-9fcd-89289e9184fd%3B868af501-d086-42c8-9fcd-89289e9184fd%3Bfa4bdb25-9642-4a3d-a131-838ecdd1f570%3Bfa4bdb25-9642-4a3d-a131-838ecdd1f570%3B9d1754a2-2bac-4eda-a514-03d435cd7f85%3B9d1754a2-2bac-4eda-a514-03d435cd7f85&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=10&rand=0.2843662961869693
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
89b6173a2468b8339a3f887a94cce3591130d98ed2a15c418c870ba98e0a2047

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
3768
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=587786%3B587786%3B1077764&size_id=9%3B9%3B57&alt_size_ids=8%2C10%3B8%2C10%3B68&p_pos=atf%3Batf%3B&eid_pubcid.org=3e783b4a-2acd-4064-b1ff-774d8a481474%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&tg_i.area=wires&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=fa49d4da-3606-44d1-ba75-95a93972c56a%3Bfa49d4da-3606-44d1-ba75-95a93972c56a%3B4927fc2f-6e7f-4411-8de9-c9dab0f97b4e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.23059397174267438
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e87ddb32954308d92eca6501ea254cc5b3924b0698b15723a6f84cfd408a6ee4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
2548
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=UE1ipEDEKoyyb15cvRxTAmVB&bidId=65d60c6440273ef&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3f7f300f6aee3d3e76842f0545c149cd6fe835c2f9290ce1a19526e5356cc329

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3806
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6QzdTnugEKMYiUEr5bbKJmmS&bidId=6681503842fc136&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=YAXW2p8nPTWGVCrPcj5NrxpA&bidId=67e704c560b165d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=M46LPS2pKznZDhrVQRRVFfdn&bidId=68bbc6a1bb24df1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=9gB7gxs6pHmD6t77SUopsddr&bidId=69361ea6d5b9d88&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=77KLm6Ar3LiwYgCjLn6WXoM1&bidId=7025c875502069b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=77KLm6Ar3LiwYgCjLn6WXoM1&bidId=71cab515b2c79fa&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=t7x4dsgHox9LRR8hNFR7Yyzv&bidId=725e3cd56283841&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eb220de9cea3da2a7fa26633deb965bbc698d3ab653a2e69da2d408ee7027ca1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3956
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mDYufSNjn6gUsPvDghG42mG6&bidId=730e6abd35c66f6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=mDYufSNjn6gUsPvDghG42mG6&bidId=749e5fbd9c13fbc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=4.13.0-mol-1&strVersion=3.2.1&secure=true
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.57.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.13.0-mol-1&cb=37702692451
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
arj
mailonline-uk-d.openx.net/w/1.0/ 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1a1be986-8c8d-46a4-8fa6-bafba900f648%2C1a1be986-8c8d-46a4-8fa6-bafba900f648%2Ca3e664d3-927a-43b4-84b2-de35b91ad890%2Ca3e664d3-927a-43b4-84b2-de35b91ad890%2Cb3a5baeb-493b-4ade-8b54-2932dfccf735%2Cb3a5baeb-493b-4ade-8b54-2932dfccf735%2Cb849746b-35fc-4b23-8374-4088e79dbf07%2Cb849746b-35fc-4b23-8374-4088e79dbf07%2C868af501-d086-42c8-9fcd-89289e9184fd%2C868af501-d086-42c8-9fcd-89289e9184fd%2Cc7cde6af-a3f6-4c61-8439-5e935268b4f0%2Cc7cde6af-a3f6-4c61-8439-5e935268b4f0%2C90d9be09-1e42-41ca-9ac6-d2b10a1e9b98%2C90d9be09-1e42-41ca-9ac6-d2b10a1e9b98%2C79afa685-a845-46f4-b902-efcf4bc16043%2C79afa685-a845-46f4-b902-efcf4bc16043%2C12111092-4372-4156-9102-ed9125082bce%2C12111092-4372-4156-9102-ed9125082bce&nocache=1619867973428&pubcid=3e783b4a-2acd-4064-b1ff-774d8a481474&aus=728x90%7C728x90%7C300x250%7C300x250%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%7C300x250%7C300x250%7C300x250%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C160x600%2C120x600%7C300x250%7C300x250%7C300x250%7C300x250&divIds=leader_wide%2Cleader_wide%2Cmpu_middle%2Cmpu_middle%2Cmpu_puff_15%2Cmpu_puff_15%2Cmpu_puff_20%2Cmpu_puff_20%2Cmpu_puff_45%2Cmpu_puff_45%2Csky_left_top%2Csky_left_top%2Csky_right_top%2Csky_right_top%2Cmpu_mobile_top%2Cmpu_mobile_top%2Cmpu_top%2Cmpu_top&auid=540437664%2C540437664%2C538767661%2C538767661%2C538767663%2C538767663%2C538767664%2C538767664%2C538767666%2C538767666%2C538767667%2C538767667%2C538767668%2C538767668%2C538767673%2C538767673%2C539384359%2C539384359
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
7987f06211abb460b6da41416c608ae309378d5f1ead5c75d287b503a11af895

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22f85edae0-b2ef-41a6-9c93-92c06f155823%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1619867973430%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2210743c325bad5114%22%3A%22_qHs31JqZVr%22%7D%2C%22bidSizes%22%3A%7B%2210743c325bad5114%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qHs31JqZVr%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%223e783b4a-2acd-4064-b1ff-774d8a481474%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223e783b4a-2acd-4064-b1ff-774d8a481474%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22mpu_mobile_top%22%2C%22transactionId%22%3A%2279afa685-a845-46f4-b902-efcf4bc16043%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2210743c325bad5114%22%2C%22bidderRequestId%22%3A%22106568150539cd1%22%2C%22auctionId%22%3A%221%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.223.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
X-Accel-Expires
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
mfad.inskinad.com/api/ 		162 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.47.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
9263db0b2c4f539e35eb38263ccb29c19123f3fd6b845ae2808bfe6b6a81f867

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:34 GMT
ETag
W/"a2-9uz6md0VWrZB++KFeHULTl9CSCE"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
162
x-served-by
engine-production-i-0ff39fe2dddab762b
auction
tlx.3lift.com/header/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&tmax=3000
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.105.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d267fc1d47c7dee550e5ae2f19b275fa7cd1b7fd2257269c9e694609adff60d5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2494
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&CanonicalUrl=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&PublisherDomain=https%3A%2F%2Fwww.dailymail.co.uk
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5f377305321545d6bcc612aed845c3b6982a52482d92df97fd7905dbd0d73f63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bid-request
a.teads.tv/hb/ 		16 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 01 May 2021 11:19:33 GMT
prebid
ib.adnxs.com/ut/v3/ 		67 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
88cbc108043a4e4be9853ec26fb75338fa01546430bf9ee1ff83e697f47438ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.51:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1f31d675-0dc3-4fec-ab76-e3ece53b78f9
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		59 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cd392f8ba24ac89ef844e3cbc8f20ce60c90e296271b312288668d9520080ba0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.147:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
53a23a4f-b5b0-46e1-97e5-caea5d6e6879
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/ 		43 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1619867973628
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.9.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d34e8a1a381b203e3d1f7c6ed4f077038e91782ea254c7a7e4785462147a385a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:33 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=193651&v=7.2&r=%7B%22id%22%3A%22176be8f09f578392%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221772fb9357ba990b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221786e2c01fe34ebc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221793a51fcf789d14%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221809e2d7b94a1595%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22181fe4420b471eb9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218231bc3ca3aaaf1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193651%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22183244227d774b86%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193657%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221842d707e711cdfe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193657%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218516e16c3fa6621%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22186353e1c1d5e273%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22187485eb0d703a22%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22188009d5cfbfb9d2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193661%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22189c4f62f186bcea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193664%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22190c18e440bcaabd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193664%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221912827345abebb8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193664%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219200ddc9d2e99ab%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193664%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22193a1e47d123d29c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193665%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221941cd8ef7bc2161%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193665%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22195d362f2dcbc7c5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193667%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22196878502907ef1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193667%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22197d2243b0d87c22%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22198806393ab8501a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22199e1d6fb6722f58%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222000771b6cd89ddc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193673%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22201fb8b623a58b98%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22202191319cbd366f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22203840a28cd2444e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22204298c41692a7d8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22205f9b930a87e1f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22900x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222061d04779a62dcf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193648%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222078d7980d3896b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2220859f281931e7d8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22209904f7489883f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22210d67f663f85efb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193670%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22211552fef3455963%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22212248d35c30b1bb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22213b8500993e5d77%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2221437b79156d5c68%22%2C%22ext%22%3A%7B%22siteID%22%3A%22193671%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b4c51e20c3a25b89f20b99c844bb6e40eb5466714ade210863e8e2896c4c962

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sat, 01 May 2021 11:19:33 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e0d54306-3599-429e-b3bb-4b149e7b7685
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e0d54306-3599-429e-b3bb-4b149e7b7685
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:34 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.59:80
AN-X-Request-Uuid
cadfbd0a-f35a-49cc-98db-69d8943d1677
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=e0d54306-3599-429e-b3bb-4b149e7b7685
date
Sat, 01 May 2021 11:19:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:33 GMT
content-encoding
br
last-modified
Mon, 28 Dec 2020 15:00:25 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
ga.js
google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/ga.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5205
date
Sat, 01 May 2021 09:52:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 01 May 2021 11:52:49 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d627fc5be72dfcfce4a1784ce0e2e4e19dfc2ebf102319fd8934e87c714052b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GAbCkdJL2v5bN8BQl7T21g==
cross-origin-resource-policy
cross-origin
expires
Sat, 01 May 2021 11:37:38 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2118
x-fb-rlafr
0
x-fb-debug
7v46mIWBLl/M0oFzF4yJfWdHR02JdNNJPGaxjOhNxvCvz1VkPWXyNhT9lECQyGkGo43VxM7VKRex3uTDNew5+g==
x-fb-content-md5
7affa1cac3289c8b35e553cc46a0a604
date
Sat, 01 May 2021 11:19:33 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0313a411fbdbdf1e72e6a6e359a5dac5"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
masthead_wires_reuters.png
i.dailymail.co.uk/i/pix/channelheaders/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/channelheaders/masthead_wires_reuters.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fe92185d07ca1bdd4c5fb355805bd21b3d46fe37b1d99d453c33716de45b382b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
last-modified
Wed, 23 Jul 2014 15:11:57 GMT
server
AkamaiNetStorage
etag
"1718fa36f7f8ecab528991944a8241e3:1406128317"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
31005
expires
Mon, 31 May 2021 11:19:34 GMT
navigation_bottom.gif
scripts.dailymail.co.uk/i/furniture/structure/ 		154 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scripts.dailymail.co.uk/i/furniture/structure/navigation_bottom.gif
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd

Request headers

Referer
https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
last-modified
Sun, 28 Sep 2008 03:12:58 GMT
server
AkamaiNetStorage
etag
"5ba7c12d8f24c055f60c7793d6990d8b:1222571578"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
154
expires
Mon, 31 May 2021 11:19:34 GMT
spt_weather_nav.png
i.dailymail.co.uk/i/furniture/weather/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/weather/spt_weather_nav.png
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/gunther/17.14.0/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
0bf60782546bae441a6ce4783c2169777d728af37759e9805acbdaa48122cf36

Request headers

Referer
https://scripts.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
last-modified
Wed, 23 Dec 2009 12:07:55 GMT
server
Apache
etag
"2a0a9e4a75bf8d1c816c273119256500:1261570075"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2301
expires
Mon, 31 May 2021 11:19:34 GMT
5f42864d-a421-4f37-9478-00266f871d68-web.js
cdn.permutive.com/ 		798 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/5f42864d-a421-4f37-9478-00266f871d68-web.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a768639a525014229e8ffc891e4667d02da7e2f3d37259072fe3dde1def9811

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
5f42864d-a421-4f37-9478-00266f871d68
age
2104
x-guploader-uploadid
ABg5-UzYKvFwrYPupy2bZWTpb3E7lID164ivHaTVSRA6QsN50VecQhMM4iIis9FvU7f1FKz7f2kmWDkP0xraY6-5cBs
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
cf-request-id
09c940d3ed00000b2fef058000000001
last-modified
Sat, 01 May 2021 06:44:23 GMT
server
cloudflare
etag
W/"0c5d45725d217c375b86494eea7cff53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=bipCXQ==, md5=DF1Fcl0hfDdbhklO6nz/Uw==
x-goog-generation
1619851463509449
cache-control
public, max-age=300
x-goog-stored-content-length
172293
cf-ray
64889d9978750b2f-AMS
expires
Sat, 01 May 2021 11:24:34 GMT
spt_socialicons_40x40eachbttn9.png
i.dailymail.co.uk/i/furniture/articles/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/articles/spt_socialicons_40x40eachbttn9.png
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-async-bundle/6.19.2/articleDefer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3381376497b5b338f301a29f4b399d81331e55a568f02df5db466149e5826f13

Request headers

Referer
https://scripts.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:34 GMT
last-modified
Thu, 17 May 2018 13:20:45 GMT
server
AkamaiNetStorage
etag
"bab988d64a75ef93640c8ed16e05987b:1526563245"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
26818
expires
Mon, 31 May 2021 11:19:34 GMT
truncated
/ 		233 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b707cea228ebd1afe82a1840449e8c14d79bb62ec828d1ca7c3b6832a6905133

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		663 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
deb959c047f364b4d81eb0b735fd60c7172cb808ddad43546948d90a38ad362e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0a9ac514283709cb85750e1a15f4ed549be7d0caa7711a70a3249d15538ac44

Request headers

Origin
https://www.dailymail.co.uk
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b7e7d1bedae2fca5895468c68d7a3f06c5fa573a19fbdc1ea4da51441d59458

Request headers

Origin
https://www.dailymail.co.uk
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
loader.js
cdn.taboola.com/libtrc/dailymail-row/ 		413 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
336dcb93aaaa41e47c5c3c97a5eead2f11cb13bbea1258302b31e8d878051fa4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AJhGE2UR38dTFIPlKLZtK8tQKMp1AjyZ
content-encoding
gzip
etag
"62ce69b15e762e0bc9befb9d879e8d59"
age
68
x-cache
HIT
content-length
38487
x-amz-id-2
VQQxn4USwjMat+jhbjOamrVNI37p1zAoFZpfBjw8vNb8F8O6RuAb+CCO1XpmbmO1ehGlotrCgK8=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 09:57:49 GMT
server
AmazonS3
x-timer
S1619867975.899835,VS0,VE1
date
Sat, 01 May 2021 11:19:34 GMT
vary
Accept-Encoding
x-amz-request-id
9W320XDGGDHHXH9M
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
1
comment_ticker.png
i.dailymail.co.uk/i/furniture/comments/articles/ 		85 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/comments/articles/comment_ticker.png
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/gunther/17.14.0/rc-main--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
541c63ae81fe7799a19523dc8f2500646043eaa70d36985c3f2fc86264e4e71e

Request headers

Referer
https://scripts.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
last-modified
Tue, 28 Feb 2017 12:52:42 GMT
server
AkamaiNetStorage
etag
"18d36c5e83cfde23a9f5103f33f6ad32:1488286362"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
85
expires
Mon, 31 May 2021 11:19:35 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5887b03f44a197fcdc5400caec10de1c69f29619c1fdc868d4d461130e0f9efc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
spt_rndcorner_4.png
i.dailymail.co.uk/i/furniture/corners/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/corners/spt_rndcorner_4.png
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/gunther/17.14.0/all--.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
be6aaae29a207bdea28a1e545c6f5652abcd30845290ec990892805c895d78f6

Request headers

Referer
https://scripts.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
last-modified
Mon, 06 Nov 2017 11:54:17 GMT
server
AkamaiNetStorage
etag
"8709d0e0c6ea65aa87db0884a31b5355:1509969257"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
2998
expires
Mon, 31 May 2021 11:19:35 GMT
truncated
/ 		504 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a745591034534431b4e5e32815599cef3101631f9e6a9052a687d96dac1a3ea

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62675c01ca7a9e7af102c699f55fa970eee7f0106984839722e018e733744c03

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		996 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f650676047609c72f3c893b13a7148916bb0a9a5ff1f6ca9c531d07038ba31ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		868 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4717410c1ef684a572d4662c8bc6860a753e6ea7e9640d699c4f2a0e4d08c9e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b27cc2654c00d737f49cb68b74ba7893c151612b1ad52543f4691f67db0cdf97

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
hit.gif
uk-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=4615&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&dom=www.dailymail.co.uk&r=1619867975305&pvs=1&pvid=ko5nkh3dck3onp6ky8&c=true
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
dotmetrics-hit-status
01 OK
server
Kestrel
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
image/gif
x-amz-cf-id
I9I6G_-8BecRG1MK3qicXEIuwuSfv8k8l5RmsqyEyBc28ZxEIYmvEg==
adsm.macro.rmb.js
macro.adnami.io/macro/gen/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: macro.adnami.io
URL: https://macro.adnami.io/macro/spec/adsm.macro.4111597d-dc70-4fd8-b25e-7d24d8423e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb8f13e1d8ba94cff41b15550fb8091ebd72488d9f7a9bb72345d34427cfd66

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 01 May 2021 11:19:35 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
FNtO5ptK3MW0miQyJZmqSA==
age
2300
content-disposition
cf-request-id
09c940d69f00004e329eb90000000001
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Wed, 28 Apr 2021 12:34:47 GMT
server
cloudflare
etag
W/"0x8D90A4202AE41E7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
0396addd-901e-002f-302b-3cf1b7000000
cache-control
public, max-age=14400
x-ms-version
2014-02-14
cf-ray
64889d9dca264e32-FRA
expires
Sat, 01 May 2021 15:19:35 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
51530
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Fri, 30 Apr 2021 21:00:46 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 eae0fbb8e97278d435febe844db04b08.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
b4ZCnKjGa9FIcj9oqQ_vWHhbPwVJ4VnAll2DYE8wvI2oLalHK-7LPg==
pubads_impl_2021042701.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108684
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:35 GMT
__utm.gif
ssl.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1595710959&utmhn=www.dailymail.co.uk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=After%20masked%20bunnies%2C%20Belgian%20artisan%20shifts%20to...%20%7C%20Daily%20Mail%20Online&utmhid=801510579&utmr=-&utmp=%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&utmht=1619867975789&utmac=UA-3639451-1&utmcc=__utma%3D141568423.592649942.1619867975.1619867975.1619867975.1%3B%2B__utmz%3D141568423.1619867975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 10:04:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4525
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/appnexusprebidserver/?gdpr=0&euconsent=&us_privacy=&url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dbrightroll%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-lh7t3gBE2pGNDwUsmalbpwx2QnlJrzq_q.cJeOdpNCV6wV8nf0Iuqww-~A
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-lh7t3gBE2pGNDwUsmalbpwx2QnlJrzq_q.cJeOdpNCV6wV8nf0Iuqww-~A
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:36 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.43:80
AN-X-Request-Uuid
aae8543a-9ffd-4464-aca7-5b76ea9a9e57
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Sat, 01 May 2021 11:19:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://ib.adnxs.com/prebid/setuid?bidder=brightroll&gdpr=0&gdpr_consent=&uid=y-lh7t3gBE2pGNDwUsmalbpwx2QnlJrzq_q.cJeOdpNCV6wV8nf0Iuqww-~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1401367413466420&ev=PixelInitialized&dl=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&rl=&if=false&ts=1619867975870
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 01 May 2021 11:19:35 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22billBoard%22%2C%22s%22%3A%5B%22970x250%22%2C%22900x250%22%2C%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
nc6yEH3qjifHYM1rEQ20VqyIDxPx_afAY-6c4bRaeb6bcR7m3lkeSw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=1&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_top%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
_q7BMxM-mqRYPFOKFkjdtMq65avdUFRolV7op4ZtUs34FsRA-g5jOQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=2&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22half_mpu_top%22%2C%22s%22%3A%5B%22300x150%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:35 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Xa8ndtb1SRQCIYhNqkdbzXtPOvmUIchxbh1bYT4_lDS76fnqfd0hzQ==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
/
crta.dailymail.co.uk/ 		8 B
452 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:36 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sat, 01 May 2021 11:19:36 GMT
42442496-0-image-a-93_1619857062366.jpg
i.dailymail.co.uk/1s/2021/05/01/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/05/01/09/42442496-0-image-a-93_1619857062366.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9139a1037fc1da24590c55c9f12e7858663f52ba30bec69484aa948b3fcdf46

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oBjhFCr5kwfld9HhDoFmKzlMGFxUA2wN
last-modified
Sat, 01 May 2021 08:17:43 GMT
server
AmazonS3
x-amz-request-id
PHGB8QS46EBWCJ27
etag
"2674bef4eb82927861abcce5cff8a960"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sat, 01 May 2021 11:19:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
9155
x-amz-id-2
w0CLFdtS5ir+M7uAUcCtihKRTdfBeoQFVXfrJWfvOaZCZPtuEe+LXuVbamwAj9kFskbB+1YTx7Q=
expires
Mon, 31 May 2021 11:19:36 GMT
42442714-0-image-m-26_1619857425317.jpg
i.dailymail.co.uk/1s/2021/05/01/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/05/01/09/42442714-0-image-m-26_1619857425317.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bcbe28c69dd269aad5a4136091655b9984e79f834c7c70279e2c3180da78ff5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pagrRF1ZSMr9ggKArtVxE1PiRpVbcZI.
last-modified
Sat, 01 May 2021 08:23:48 GMT
server
AmazonS3
x-amz-request-id
0XN6QX7JMWVT2VSS
etag
"1fd9f31454d70a280a4e5dc53ab8e9b8"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sat, 01 May 2021 11:19:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
9974
x-amz-id-2
3rK8T623LXpE0226E66qg5rENVX7dvSSMIzuraxEq1xfPL6LuRqeXnVrxRw6D4xADpwlRu1SuNo=
expires
Mon, 31 May 2021 11:19:36 GMT
42442854-0-image-a-9_1619858259923.jpg
i.dailymail.co.uk/1s/2021/05/01/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/05/01/09/42442854-0-image-a-9_1619858259923.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
631d0d915e88ed5a537a9d18107d8d944b7f5f6e7b22d75ddb174cdb65092e27

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lwACoUjzGkJIeFkpKFVUZBP98vFreKQS
last-modified
Sat, 01 May 2021 08:37:41 GMT
server
AmazonS3
x-amz-request-id
9YRK558CSS9SWF9G
etag
"dbd09116a8bd61d0869bcd2c1446130c"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sat, 01 May 2021 11:19:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
6923
x-amz-id-2
hsq89mEoV3CDKn4c06tH+gC8taWd8XhmiRphzl2xb4lGRfjy6OOiDbATeaUgBOlhnAKNCNUCpD4=
expires
Mon, 31 May 2021 11:19:36 GMT
42429326-0-image-a-58_1619814875239.jpg
i.dailymail.co.uk/1s/2021/04/30/21/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/04/30/21/42429326-0-image-a-58_1619814875239.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae96e5ce3be586ef11595217226c38acf52b69e3d5b539d01c8f6a3d88f77f15

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1ePU1Nm71gF.EW9.KGJ7yI0FF2hKFoom
last-modified
Fri, 30 Apr 2021 20:34:35 GMT
server
AmazonS3
x-amz-request-id
YZ71DVQBS1E0QREG
etag
"2f442a75eb323dc1f8ea31e3ead9bd0f"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sat, 01 May 2021 11:19:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
9581
x-amz-id-2
ZujTZzmmR2jYi7M04iY4HvgYy5YRlv+dKZOailuEEMRBP/aByl5lzjvsSGrV4BAnmdxl0XgsOew=
expires
Mon, 31 May 2021 11:19:36 GMT
42442382-0-image-a-24_1619856733652.jpg
i.dailymail.co.uk/1s/2021/05/01/09/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/05/01/09/42442382-0-image-a-24_1619856733652.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
726f186f749f04093f8f5442915fcfcdaa41e9bd78498c0523a52a5a7f1a282e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
..S86bCLUVOnmaHo5vXwV95YyMQ8.cWq
last-modified
Sat, 01 May 2021 08:12:14 GMT
server
AmazonS3
x-amz-request-id
TV4YC6H2JXHC26HR
etag
"c1923a2807b2fa955d78b4943a0b7da0"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sat, 01 May 2021 11:19:36 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
timing-allow-origin
*
content-length
9704
x-amz-id-2
uPaA2a1tpmHIxT8LBx7fMvoLqNFrV1dtW7//UGsFBofb2WqRtkKPFyY167+ADnBO9X1p05zIPHU=
expires
Mon, 31 May 2021 11:19:36 GMT
42442704-0-image-a-16_1619857381297.jpg
i.dailymail.co.uk/1s/2021/05/01/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/1s/2021/05/01/09/42442704-0-image-a-16_1619857381297.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64024a86bb051953d9410fe2648b026f5d2060cd4719001a053ee143d8847cf0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oTC8Gc3yN3VI_6hGbq_X6hvErY3WyMJD
last-modified
Sat, 01 May 2021 08:23:02 GMT
server
AmazonS3
x-amz-request-id
KZ1CE2BJBT2H5VJZ
etag
"dabcdab7517c9e631238c4f01cc1f37f"
content-type
image/jpeg
cache-control
max-age=2592000
date
Sat, 01 May 2021 11:19:36 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
timing-allow-origin
*
content-length
10834
x-amz-id-2
XT1Yy4fwSCcrreKvYodDDUuX8KrS2iwFdirG/MJyWOG7rCKjlLTdjin3nyM1y+66UWIcj6kC5Ns=
expires
Mon, 31 May 2021 11:19:36 GMT
impl.20210428-5-RELEASE.js
cdn.taboola.com/libtrc/ 		483 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2d88ce65d8baa15a95cf29ce4051608a58f17abb661083c13b3ef9d2f9cbcc7c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3.3U5kOuMO9tKFQ5WbmKpoXw2zstCnel
content-encoding
br
etag
"304a12e150bef17e6042539dba18430d"
age
6317
x-cache
HIT
content-length
113286
x-amz-id-2
RtGAWiiYKYfrEzKUdZPsLtsDvlNRzY7wtBTANpuZVJZK/mqVTiirZ1VwD6W7WcW/PGJioMhNUgo=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 09:25:56 GMT
server
AmazonS3-br
x-timer
S1619867977.516676,VS0,VE0
date
Sat, 01 May 2021 11:19:36 GMT
vary
Accept-Encoding
x-amz-request-id
7YDGMX3RWD5335X8
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
86
x-cache-hits
33704
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=3&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_puff_20%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:36 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zHsn1FC-2ptY7ku-TCVvk0mUNChXms2_WC9-YoPgEwSzHNJy2CWAjQ==
sa
ted.dailymail.co.uk/s/ 		65 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ted.dailymail.co.uk/s/sa
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
69b1d5b1045c0801b1c3edaccf745f7ebdb2a128dfb22ef1e10c6a18dcb39e23

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 01 May 2021 11:19:36 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sat, 01 May 2021 11:19:36 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-a4-fe.hsk.mol.dmgt.net:8180
sa
t.dailymail.co.uk/s/ 		65 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.dailymail.co.uk/s/sa
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/rta2/v-0.58.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
98f2c6d677dda757b8c5486a21721ead1ecd4d722331a05de85e4b530be096c5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 01 May 2021 11:19:37 GMT
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
expires
Sat, 01 May 2021 11:19:37 GMT
cache-control
private, no-cache, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, documentReferer
content-length
65
x-rs-ops
rta2-rufus-c4-fe.rdg.mol.dmgt.net:8180
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 May 2021 11:19:37 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C900x250%7C728x90&prev_scp=maxbid%3D2.74%26maxbidpk%3D6%26maxbid_bidder%3Daol%26pos%3Dbillboard%26amznbid%3D2%26amznp%3D2%26adx_channel%3D2%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Daol%26hb_adid%3D216011104ddcaaf5%26hb_pb%3D2.73%26hb_size%3D970x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_aol%3D216011104ddcaaf5%26hb_pb_aol%3D2.73%26hb_size_aol%3D970x250%26hb_source_aol%3Dclient%26hb_format_aol%3Dbanner%26hb_skin_aol%3Dfalse%26hb_adid_appnexus%3D2325c6939d0c94fc%26hb_pb_appnexus%3D0.16%26hb_size_appnexus%3D728x90%26hb_source_appnexus%3Dclient%26hb_format_appnexus%3Dbanner%26hb_skin_appnexus%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867977641&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=197&adks=2059569030&ucis=1&ifi=1&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=964x250&msz=967x250&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=true&fws=4&ohw=967&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6dd591aa90531d89727f63bbb252dab5d88dde8dc23af6b1f57afdecae2eee16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7446
x-xss-protection
0
google-lineitem-id
245976032
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
103914935072
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		457 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&prev_scp=pos%3Dbillboard%26adx_channel%3D2%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Daol%26hb_adid%3D216011104ddcaaf5%26hb_pb%3D2.73%26hb_size%3D970x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_aol%3D216011104ddcaaf5%26hb_pb_aol%3D2.73%26hb_size_aol%3D970x250%26hb_source_aol%3Dclient%26hb_format_aol%3Dbanner%26hb_skin_aol%3Dfalse%26hb_adid_appnexus%3D2325c6939d0c94fc%26hb_pb_appnexus%3D0.16%26hb_size_appnexus%3D728x90%26hb_source_appnexus%3Dclient%26hb_format_appnexus%3Dbanner%26hb_skin_appnexus%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867977685&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2535171983&ucis=2&ifi=2&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=964x250&msz=1x1&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=true&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
cccd27e6ee6911220469b229c3914a88d4f67c6cfef53e4b83d914db42b71b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Cmpu_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=maxbid%3D3.09%26maxbidpk%3D7%26maxbid_bidder%3Dtriplelift%26pos%3Dmpu_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D12%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Dtriplelift%26hb_adid%3D22910980773f79fb%26hb_pb%3D3.08%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_aol%3D2150f70b2a9f8fb1%26hb_pb_aol%3D2.73%26hb_size_aol%3D300x600%26hb_source_aol%3Dclient%26hb_format_aol%3Dbanner%26hb_skin_aol%3Dfalse%26hb_adid_sharethrough%3D218caea8f5abda52%26hb_pb_sharethrough%3D2.45%26hb_size_sharethrough%3D300x600%26hb_source_sharethrou%3Dclient%26hb_format_sharethrou%3Dbanner%26hb_skin_sharethrough%3Dfalse%26hb_adid_rubicon%3D221e08337224ef09%26hb_pb_rubicon%3D2.54%26hb_size_rubicon%3D300x250%26hb_source_rubicon%3Dclient%26hb_format_rubicon%3Dbanner%26hb_skin_rubicon%3Dfalse%26hb_adid_triplelift%3D22910980773f79fb%26hb_pb_triplelift%3D3.08%26hb_size_triplelift%3D300x250%26hb_source_triplelift%3Dclient%26hb_format_triplelift%3Dbanner%26hb_skin_triplelift%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867977703&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=533&adks=1681197377&ucis=3&ifi=3&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x623&msz=308x623&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7065188085b63635ea211954d714fffc8d2ad4555de60cc6492b638769eeab2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7520
x-xss-protection
0
google-lineitem-id
243916352
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
103914903632
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		463 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Chalf_mpu_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x150&prev_scp=pos%3Dhalf_mpu_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D8%26nobids%3Dtrue%26refreshCount%3D0%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867977720&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=974&adys=1288&adks=3385886755&ucis=4&ifi=4&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x5098&msz=308x150&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
114ec06707c7a769f1ac17af93d6468bd79c412b1b654c67cf5c1f537955facc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
server
nginx
content-length
43
content-type
image/gif
config.json
c.go-mpulse.net/api/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD&d=www.dailymail.co.uk&t=5399560&v=1.720.0&sl=0&si=89ae1635-cb99-4df0-b987-ed592ba41c9b-qsfe4i&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=145913
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/RQAJ2-Q4TGF-HEKJL-TAEAK-5V3VD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1a0::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
743a6a4125121c2f183f8ec197fe6277221dde7eb26effc9a6e605dc0c68bff7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1397
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=4&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_puff_45%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:37 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
z2DfgF0897Hd-DyUT0KLcwXP6Q1yrfUj8JtFmueDXrs6b8c-EzQlKA==
rid
match.adsrvr.org/track/ 		109 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=a8r0pns&fmt=json
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
642a4f82a2ec7338ddcc53a79ede06dd129cdedef7e4b101db03af992bbe0940

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 31 May 2021 11:19:38 GMT
sync
eb2.3lift.com/ Frame 1434 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6bc89bf5b7cca649733efaf7dec08109b5371ecc76fe28cc7b52e83fcd5c0601

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=7090362206620479910
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-type
text/html; charset=utf-8
content-length
478
set-cookie
sync=CgoIgQIQzZSfvZIvCgoIkQIQzZSfvZIvCgoI4gEQzZSfvZIvCgoIkgIQzZSfvZIvCgoI5gEQzZSfvZIvCgoIhwIQzZSfvZIvCgkIOhDNlJ-9ki8KCQgLEM2Un72SLwoJCF8QzZSfvZIvCgkIHxDNlJ-9ki8=; Max-Age=7776000; Expires=Fri, 30 Jul 2021 11:19:38 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=7090362206620479910; Max-Age=7776000; Expires=Fri, 30 Jul 2021 11:19:38 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 579A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=120985955938792007; icu=ChgIr60pEAoYBCAEKAQwxvK0hAY4BEAESAQQxvK0hAYYAw..; anj=dTM7k!M4/Acvig%ghqdmU(5>!q/xT]!A#F3.CK$wNl(9q/Bv)s=0w.5eVQn^cjIE7jG':Le8ob95u#%1<d893i+:bn7R_G(dKtMlZd)O>(j'C@-!WeMB[1p^6Bux-eu%:%:Ow723)2jKaZ[A@#r%MlNY):c:=/)6OrPoM[[#AQMf5E9ocEuQFf43-P$vJ0JhLS%.H+CG@'s>T4L:*N; uids=eyJ0ZW1wVUlEcyI6eyJncmlkIjp7InVpZCI6ImUwZDU0MzA2LTM1OTktNDI5ZS1iM2JiLTRiMTQ5ZTdiNzY4NSIsImV4cGlyZXMiOiIyMDIxLTA3LTMwVDExOjE5OjM1WiJ9LCJicmlnaHRyb2xsIjp7InVpZCI6InktbGg3dDNnQkUycEdORHdVc21hbGJwd3gyUW5sSnJ6cV9xLmNKZU9kcE5DVjZ3VjhuZjBJdXF3dy1+QSIsImV4cGlyZXMiOiIyMDIxLTA3LTMwVDExOjE5OjM4WiJ9fSwiYmlydGhkYXkiOiIyMDIxLTA1LTAxVDExOjE5OjM0WiJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 21 Apr 2021 04:57:41 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 01 May 2021 11:19:38 GMT
Age
22897
X-Served-By
cache-lga21932-LGA, cache-fra19136-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 241577
X-Timer
S1619867978.312440,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1727 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=95891
Expires
Sun, 02 May 2021 13:57:49 GMT
Date
Sat, 01 May 2021 11:19:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 046B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56eVAXOxtVOvC2GheU/JXSeRSjSx8gJUuQtaykB7VcrRe0Empmy2Xf4CU6STGOOGZgrDUeTL+hRgIy70ov0uYKhWw/V+UrWefz+Q; ses2=; khaos=KO5NKF94-N-I552; ses9=; vis9=124374^2; ses10=124374^1; vis10=124374^1; vis57=124374^2; vis2=124374^2; ses57=124374^1; ses15=; audit=1|naVuGyos1qoJ5dM7hJg3u81+1ZYfrZ/aekN9vI28cJbzOzHVa6+b9bVfrxdy/JuMJj+nfjXWofEikLZnp+mTxkS+nStejD8b3OlDu/ORdD8=; vis15=124374^4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 May 2021 11:19:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3969
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a3aa2a0aa71c8aabdf1a044c3e0e1c70679aaf8a90552a2444f02510949ba223

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1128; CMID=YI05SprvzqpCTpf4L7IojAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|47|206|191|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1780
Expires
Sat, 01 May 2021 11:19:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YI05SprvzqpCTpf4L7IojAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:38 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:38 GMT CMPRO=1129;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:38 GMT CMRUM3=2d608d394a05a0&e6608d394a27600&f1608d394a05a0&bf608d394a05a0&33608d394a05a0&27608d394a0b40&2f608d394a05a0&ce608d394a05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:38 GMT CMST=YI05SmCNOUoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 02 May 2021 11:19:38 GMT

Redirect headers

Server
Apache
Content-Length
338
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 01 May 2021 11:19:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YI05SprvzqpCTpf4L7IojAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:38 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:38 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 4483 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 01 May 2021 11:19:38 GMT
Content-Length
1151
Connection
keep-alive
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 9DD4 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a3i4pto1619867974377
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.9.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4f989db91b6d3409724a2653e7ab57170232aa6cfcf2dae0a229ac453ccc932f

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=a3i4pto1619867974377
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
pd
eu-u.openx.net/w/1.0/ Frame 8540 		668 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
bbc4caa1ce5f1010fb707cff14d70ad9f0aa9409d9e19206c1e8b84abc76ca12

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=3e783b4a-2acd-4064-b1ff-774d8a481474|1619867973
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=3e783b4a-2acd-4064-b1ff-774d8a481474|1619867973; Version=1; Expires=Sun, 01-May-2022 11:19:38 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619867978|gekin0vNiygu; Version=1; Expires=Sun, 16-May-2021 11:19:38 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 01 May 2021 11:19:38 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e0d54306-3599-429e-b3bb-4b149e7b7685&ssp=themediagrid&gdpr=&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e0d54306-3599-429e-b3bb-4b149e7b7685&ssp=themediagrid&gdpr=&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:39 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e0d54306-3599-429e-b3bb-4b149e7b7685&ssp=themediagrid&gdpr=&gdpr_consent=
date
Sat, 01 May 2021 11:19:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
e.serverbid.com/udb/9969/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fpool%2Fset%2Fi.gif%3FpoolId%3D9969%26poolKey%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:37 GMT
content-length
0
i.gif
mfad.inskinad.com/udb/9874/sync/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=185638&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum.casalemedia.com/usermatchredir?s=185638&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
  • https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YI05SprvzqpCTpf4L7IojAAA%261129
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YI05SprvzqpCTpf4L7IojAAA%261129
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.47.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:39 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
undefined
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
43
x-served-by
engine-production-i-001c922f187aa0450

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YI05SprvzqpCTpf4L7IojAAA%261129
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
284
Expires
Sat, 01 May 2021 11:19:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Cmpu_puff_20&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=maxbid%3D3.09%26maxbidpk%3D7%26maxbid_bidder%3Dtriplelift%26pos%3Dmpu_puff_20%26amznbid%3D2%26amznp%3D2%26adx_channel%3D5%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Dtriplelift%26hb_adid%3D22861cff89fdd5c8%26hb_pb%3D3.08%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_triplelift%3D22861cff89fdd5c8%26hb_pb_triplelift%3D3.08%26hb_size_triplelift%3D300x250%26hb_source_triplelift%3Dclient%26hb_format_triplelift%3Dbanner%26hb_skin_triplelift%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie_enabled=1&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867978328&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=4080&adks=2459920819&ucis=5&ifi=5&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x627&msz=308x627&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
de52e73b5138812fe661972462e6b386f2a5dddb33cb33ab5e270f60e29d4258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7394
x-xss-protection
0
google-lineitem-id
243916352
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
103914904832
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/dailymail-row/trc/3/ 		33 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-row/trc/3/json?tim=13%3A19%3A38.609&lti=deflated&data=%7B%22id%22%3A959%2C%22ii%22%3A%22%2Fwires%2Freuters%2Farticle-9529785%2Fafter-masked-bunnies-belgian-artisan-shifts-chocolate-syringes.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1619603862067%2C%22vi%22%3A1619867975332%2C%22cv%22%3A%2220210428-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A26126%2C%22qs%22%3A%22%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2v%22%2C%22s%22%3A15%2C%22uim%22%3A%22autosized-generated-text-under-1r-row%3Aabp%3D0%22%2C%22uip%22%3A%22desktop-wide%22%2C%22orig_uip%22%3A%22wide%22%2C%22cd%22%3A1274%2C%22mw%22%3A632%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-b%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%202nd%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%202nd%22%2C%22cd%22%3A1300%2C%22mw%22%3A636%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
220ef54267de85bddcdc870d2bc59ac81bbd4ee94c3676d9fd551153da43d61c

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
387
date
Sat, 01 May 2021 11:19:39 GMT
content-encoding
gzip
server
nginx
x-timer
S1619867979.822031,VS0,VE387
x-served-by
cache-fra19147-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
/
clarium.global.ssl.fastly.net/ Frame 16B6 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
18ce781952f415504a302be7db44d05aaf6306e103c8ac7da42896488695b289

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:39 GMT
Content-Encoding
gzip
Age
114
X-Cache-Status
hit
X-Cache
HIT
X-Cache-Hits
1
Connection
keep-alive
Content-Length
34016
X-Served-By
cache-ams21044-AMS
Pragma
no-cache
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1619867979.047688,VS0,VE1
ETag
8e678d727a28cfaa5bdc0ca29f10cfff9e79780d
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 04:59:59 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782026698183"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27954
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:38 GMT
events
bidder.criteo.com/csm/ 		0
149 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:38 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:39 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 May 2021 11:19:39 GMT
navigation_bottom.gif
www.dailymail.co.uk/i/furniture/structure/ 		154 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dailymail.co.uk/i/furniture/structure/navigation_bottom.gif
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd

Request headers

:path
/i/furniture/structure/navigation_bottom.gif
pragma
no-cache
cookie
pbjs-unifiedid=%7B%22TDID%22%3A%2270b9d890-5931-4f83-87ad-558f6baed511%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-05-01T11%3A19%3A38%22%7D; __gads=ID=5b73b8d238b31cb4:T=1619867977:S=ALNI_MZ8I5WNJGZKfzBCwYB8ip0t0AaRPQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.dailymail.co.uk
referer
https://scripts.dailymail.co.uk/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://scripts.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:39 GMT
content-security-policy-report-only
block-all-mixed-content; report-uri https://mol.report-uri.io/r/default/csp/reportOnly
last-modified
Tue, 02 Mar 2021 15:44:32 GMT
etag
W/"154-1614699872000"
x-rs-time
Tue, 20 Apr 2021 19-12-03 GMT
vary
User-Agent
content-type
image/gif
server-timing
cdn-cache; desc=HIT edge; dur=1
accept-ranges
bytes
x-mol-georesp
de
content-length
154
x-rs-ops
molfejava-a2-fe.hsk.mol.dmgt.net:8081
/
clarium.global.ssl.fastly.net/ Frame 3D6D 		115 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOakkzTnpVMU1qb3pNREI0TWpVdyIsIndkIjp7Im8iOiI0MDYyNzc1NTIiLCJ3IjozMDAsImgiOjI1MH0sIndyIjoyfQ==
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
18e191c43dec608d1fca002d0ba4fb4ba266ebe65996e8d0630d9c4f061921ae

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:39 GMT
Content-Encoding
gzip
Age
147
X-Cache-Status
hit
X-Cache
HIT
X-Cache-Hits
4
Connection
keep-alive
Content-Length
34194
X-Served-By
cache-ams21044-AMS
Pragma
no-cache
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1619867980.614931,VS0,VE0
ETag
c19b248c8a629ccc46fd7203f5f768db7d50b38d
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 04:59:59 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=5&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22sky-left%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:39 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vHL2YqUHfUxbsIc09NlOpnaQPu4oNRWYa7Er2Qx0Occ5QdY1uhbPfQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=6&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22sky-right%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:39 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6LUew5K_lIlOSzVFX0deXDa7pk1O_c9J4JPlAzUHJX9KE8VHKoCluQ==
currencyExchangeRate
fff.dailymail.co.uk/ 		19 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/currencyExchangeRate
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/scripts/fff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f4be37ae6f3da730d311ea6ff931acc51d1ae189ec3c2d28869cb00e536605cd

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
x-rs-ops
fff1-fe:8180
date
Sat, 01 May 2021 11:19:40 GMT
cache-control
max-age=58772
content-length
19
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
1.0.1
fff.dailymail.co.uk/templates/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/templates/1.0.1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/scripts/fff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6b8474a0f9c6b3c69e02409f7eeb8faa908b8b18e64fdf7cc88a9129585fc7c3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:40 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=346396
content-length
1941
x-rs-ops
fff2-fe:8180
55199X1584066.skimlinks.js
s.skimresources.com/js/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/55199X1584066.skimlinks.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e3cab5c0fd33b6612d1d8852eeac9df1678260388794fa2cad6fa993355192d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:40 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 12:12:55 GMT
server
AmazonS3
x-amz-request-id
BDM6S4WC0EES5PHJ
etag
"a1e2468568f01785fa6f0a1e680d5c99"
x-hw
1619867980.cds168.fr8.hn,1619867980.cds210.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
19436
x-amz-id-2
xB+hDWuTRFzPZIGZ1XSzertGsKNI7xEJ7rwOADm5F0id3zG83ZEC+vlPrJ/qGMoGeXUMqj/9K9U=
truncated
/ 		174 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52efd6959ae8fb441d9b7bce3624bcbda0b601316751028b16b31484124019c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
chromeless_closer.png
i.dailymail.co.uk/video/ 		372 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/video/chromeless_closer.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9dff2251abbde2c57b87b8e340e8cc695637fa72f8ff311c61c37b97ec5810c1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:40 GMT
last-modified
Mon, 01 Jul 2019 16:55:07 GMT
server
AkamaiNetStorage
etag
"8de2a98adb80767b95658b4b19f1342c:1562000107"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
372
expires
Mon, 31 May 2021 11:19:40 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=dados
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=1f4dd82d-aa6f-11eb-b052-141484330306
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=1f4dd82d-aa6f-11eb-b052-141484330306
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 01 May 2021 11:19:43 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
56
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 01 May 2021 11:19:40 GMT
Server
nginx
Location
/partner?source=dados&__user_check__=1&sync_id=1f4dd82d-aa6f-11eb-b052-141484330306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
2
Connection
keep-alive
Content-Length
0
top-videos.jpg
creative.dailymail.co.uk/videos/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creative.dailymail.co.uk/videos/top-videos.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6924aeec6e6de01dfd439327c170d8adc2f9dd8415e9903e3b24f2c3b6506389

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:40 GMT
last-modified
Wed, 01 May 2019 13:28:47 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"41c301b2aac4a100430b42c8cf52583e:1556717327"
content-length
113532
content-type
image/jpeg
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mol-video.woff
scripts.dailymail.co.uk/static/videoplayer/6.12.0/font/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/font/mol-video.woff
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/styles/mol-fe-videoplayer.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4e89866ffba8b06a31d366ea9f6f5331f87fe29877bfce5381b78a46ddb7fd19

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/styles/mol-fe-videoplayer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:40 GMT
last-modified
Thu, 17 Dec 2020 10:11:18 GMT
server
AkamaiNetStorage
etag
"485a02e860743f3a21195c18ca687a40:1608199878.346213"
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
3376
expires
Mon, 31 May 2021 11:19:40 GMT
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame C569 		570 KB
570 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
583201
date
Thu, 29 Apr 2021 15:46:56 GMT
expires
Fri, 29 Apr 2022 15:46:56 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
156764
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:40 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		163 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
1c79b1f71dae647c333ddab905a2900d30c304c6538f327280b6cd2a3d291547

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:41 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
163
Expires
0
avjp
mailonline-uk-d.openx.net/v/1.0/ 		106 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0edc6be4-c01b-4f5a-b06f-3111afa2494e&nocache=1619867980934&pubcid=3e783b4a-2acd-4064-b1ff-774d8a481474&ttduuid=70b9d890-5931-4f83-87ad-558f6baed511&auid=540675388&vwd=401&vht=225
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:41 GMT
via
1.1 google
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=293354&v=8.1&r=%7B%22id%22%3A%22248c820c8ddceb28%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22249e6f50a6e01ffa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22293354%22%2C%22sid%22%3A%22401x225%22%7D%2C%22video%22%3A%7B%22startdelay%22%3A0%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A30%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22w%22%3A401%2C%22h%22%3A225%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e38e68aab307f198623a6fed86aae6773f4cc3c7ed85e4fc3f02a112674c8e36

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:41 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sat, 01 May 2021 11:19:41 GMT
auction
tlx.3lift.com/header/ 		19 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.13.0-mol-1&referrer=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&tmax=4500
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.105.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:41 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.33.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-33-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
570bb995124975019ed4b5be0581045b5720e319f83af03806dba96cf797db0d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:41 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=MailOnline
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
697d6bb9fd14c8ac3d6278c9c0a67d7fbe3f4b8c8fbdeec0d488d2ac6ec204de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:41 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid
5a01a8f9-a697-46c5-8694-4f00342f204f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=7&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22id%22%3A%22jw_video_desktop%22%2C%22mt%22%3A%22v%22%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:41 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
R99O9010vVhCvGYQhNpLY7y6Gc1DKQGbrXlkU-Tfea7h4t4LdpFkYA==
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5E51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9ca078abb8a5179b1eb392261e89c883c62765b4cb4c7fe026955c7701569e03

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YI05Tai0YTdwuhMqzashnwAA; CMPS=1128
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|190|64|156|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1741
Expires
Sat, 01 May 2021 11:19:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:41 GMT
Connection
keep-alive
Set-Cookie
CMID=YI05Tai0YTdwuhMqzashnwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:41 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:41 GMT CMPRO=1211;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:41 GMT CMRUM3=2d608d394d05a0&e6608d394d27600&f1608d394d05a0&41608d394d05a0&9c608d394d05a00&27608d394d0b40&40608d394d05a0&be608d394d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:41 GMT CMST=YI05TWCNOU0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 02 May 2021 11:19:41 GMT

Redirect headers

Server
Apache
Content-Length
338
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 01 May 2021 11:19:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:41 GMT
Connection
keep-alive
Set-Cookie
CMID=YI05Tai0YTdwuhMqzashnwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:41 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:41 GMT
18.gif
id5-sync.com/qp/
Redirect Chain
  • https://id5-sync.com/i/167/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/167/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8irmiLFZjAFqkZYWTZGrgBR0Qx7wmfW-ao4qmA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8irmiLFZjAFqkZYWTZGrgBR0Qx7wmfW-ao4qmA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F167%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/167/124/8/2.gif?puid=e0fd4052-3b4c-4a2c-8e36-a1800f204f7c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&dom...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEM34v3hcJ3EwvchDj39c...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5021937871024251783&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:53 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xNjcmZm9ybWF0PWdpZiY
date
Sat, 01 May 2021 11:19:56 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
preload-inline.gif
i.dailymail.co.uk/i/furniture/fff/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/fff/preload-inline.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:41 GMT
last-modified
Tue, 02 Jul 2013 10:22:29 GMT
server
Apache
etag
"a51c5608d01acf32df728f299767f82b:1372760549"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3208
expires
Mon, 31 May 2021 11:19:41 GMT
black-preload.gif
i.dailymail.co.uk/i/furniture/fff/hub/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/furniture/fff/hub/black-preload.gif
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:41 GMT
last-modified
Tue, 19 Nov 2013 14:19:15 GMT
server
AkamaiNetStorage
etag
"37e24e0370847870c1c43ea9ce19b1f4:1384870755"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
3208
expires
Mon, 31 May 2021 11:19:41 GMT
script.js
uk-script.dotmetrics.net/Scripts/ 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/Scripts/script.js?v=181
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.dailymail.co.uk&t=dmgt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
16c5a237be7793a91007520ce4a4bac39d2cb374d602152dd883bd4b8cfefbc1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:41 GMT
content-encoding
br
last-modified
Wed, 28 Apr 2021 12:38:44 GMT
server
Kestrel
x-amz-cf-pop
AMS1-C1
etag
"1d73c2b6cf453ee"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
BNSdy2AyTRJARpogVusPsVSGJETskjt5HTe9R6bWpcFgEVBmlvEUAQ==
boot
klkstrm.kargo.com/event/ 		0
0
Kargo-Data.js
storage.cloud.kargo.com/ad/network/tag/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/ad/network/tag/Kargo-Data.js
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caefdcc9ae00a197310c0e74d02cc5011a10cf2f7494a3c6e28cd68dc7c37540

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bfm3L0jDnsh9fppcQIyedbHwx7vy5nUS
content-encoding
gzip
etag
"fce2bfe5d7f2f5df4ae350001ca777a8"
x-amz-request-id
6182CC903F8653F1
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
2363
x-amz-id-2
gifDXkpihBghdLsMT1iWi0abx1sOLRo1EDA3DgsTExxGo9PXitObbaOp+Sm3mDMq9yI+e/5pMMc=
last-modified
Thu, 20 Jun 2019 20:12:08 GMT
server
AmazonS3
date
Sat, 01 May 2021 11:19:41 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
syncframe
gum.criteo.com/ Frame E4E0 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.dailymail.co.uk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.dailymail.co.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1432
date
Sat, 01 May 2021 11:19:40 GMT
content-length
0
/
clarium.global.ssl.fastly.net/ Frame C457 		0
0
DOUBLE-MPU-1.jpg
i.dailymail.co.uk/i/pix/2016/03/23/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.dailymail.co.uk/i/pix/2016/03/23/DOUBLE-MPU-1.jpg
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.desktop.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
981793c8e58a9ebc2fa825db3f2e1de282a682d2158238d497cca1af74844116

Request headers

Referer
https://scripts.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:41 GMT
last-modified
Tue, 24 Apr 2018 08:44:48 GMT
server
AkamaiNetStorage
etag
"80b954e5f874a18861095c8c9da27bb0:1524559488"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
12558
expires
Mon, 31 May 2021 11:19:41 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
063a084118208011f82e42dd9ca1b611fa5faf5c9e821b8d5344883755882c8d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TWDnU_dfekVMuKA9brRu1TrQHo4R6cYj
content-encoding
gzip
etag
"6781bd7e7a0aaad7d0b1556c39152078"
age
26135
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5680
x-amz-id-2
pvKilc4b1UcFMLLKaDCdQ+u/PcMDMJF4WexNxJusBOfj9+Ll/mAi5/GLB/h+g8GYKs0QDb7Xac4=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 12:03:45 GMT
server
AmazonS3
x-timer
S1619867982.947622,VS0,VE0
date
Sat, 01 May 2021 11:19:41 GMT
vary
Accept-Encoding
x-amz-request-id
K3XA7PSZ4Z3MFBXY
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
86
x-cache-hits
367702
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
16247
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11572-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1619867982.947665,VS0,VE0
date
Sat, 01 May 2021 11:19:41 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
86
x-cache-hits
165386
tfa-eid.20210428-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210428-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5662b58830ab9ddbde71a3884a9919785474f902569f426d7c37cabdc8032207

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sVQs3x6uUPZrR5rpASmdmCFBjP32dAfP
content-encoding
gzip
etag
"e979938c6b91ca833ffac22f311273d3"
age
84
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4857
x-amz-id-2
JoOJeGgzD8D4yRo9aJ4NxHs6HRJC74qjgL/G0N54cXJt1nm7HZV3DGxLYgSyFJX8eRzPwoaG1WE=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 18:10:00 GMT
server
AmazonS3
x-timer
S1619867982.232964,VS0,VE0
date
Sat, 01 May 2021 11:19:42 GMT
vary
Accept-Encoding
x-amz-request-id
75VCAFST8544MM8E
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
86
x-cache-hits
669
tb
15.taboola.com/ 		31 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=dailymail-row&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%202nd&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&encoded=1&uid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&variant=-100|421&callback=TRC.videoTagCallbacks.videoCallback1&cb=1619867982258&tagid=&cntry=BE&platform=1&sesid=db8fb7a7f683ced7e15f8b594b1a1e13&itemid=/wires/reuters/article-9529785/after-masked-bunnies-belgian-artisan-shifts-chocolate-syringes.html&viewid=1619867975332&geolat=&geoing=&deviceifa=&appid=&sd=v2_db8fb7a7f683ced7e15f8b594b1a1e13_36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca_1619867978_1619867978_CNawjgYQ-4w9GKT9nr2SLyABKAEwFjjqxgdA44YQSJ3o2QNQ____________AVgAYABosa_ptcr9986tAQ&ri=316e71003b521e436412217f79ecc5af&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1001083&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VOV&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1001079&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7059139aec74a5f68b849c37e43e298d256896d8589cd3270cd12e9ff625160

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 May 2021 11:19:42 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1447
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19147-FRA
pragma
no-cache
server
nginx
x-timer
S1619867982.351537,VS0,VE21
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20210428-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210428-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecb4f50d3c9733fb6ad76016cbf992cdf87bb37db17e3c28c9437fdbab666233

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
x3r1p_hUlhPWQxLIKK6xiBTWuZR0FYLl
content-encoding
gzip
etag
"23870bd8ef9b9549087737681bb355ea"
age
45
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7955
x-amz-id-2
io6I6KZNbC2kbzHCiQnidABgfDRiifW9p3EZZ+4o47D3E66s98rXhqBfstAfFhbLf1bTQkLU5OI=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 18:09:56 GMT
server
AmazonS3
x-timer
S1619867982.350991,VS0,VE0
date
Sat, 01 May 2021 11:19:42 GMT
vary
Accept-Encoding
x-amz-request-id
0NQTXP0KPGHPCCKD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
86
x-cache-hits
59
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Cmpu_puff_45&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=maxbid%3D2.74%26maxbidpk%3D6%26maxbid_bidder%3Daol%26pos%3Dmpu_puff_45%26amznbid%3D2%26amznp%3D2%26adx_channel%3D18%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Daol%26hb_adid%3D21766a56ad189b72%26hb_pb%3D2.73%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_aol%3D21766a56ad189b72%26hb_pb_aol%3D2.73%26hb_size_aol%3D300x250%26hb_source_aol%3Dclient%26hb_format_aol%3Dbanner%26hb_skin_aol%3Dfalse%26hb_adid_rubicon%3D223ba71afc6ea9b4%26hb_pb_rubicon%3D2.46%26hb_size_rubicon%3D300x250%26hb_source_rubicon%3Dclient%26hb_format_rubicon%3Dbanner%26hb_skin_rubicon%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie=ID%3D43e9124a7804dba6%3AT%3D1619867978%3AS%3DALNI_Mb7WQucHF4osum28v1ZJQltzZovjQ&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867982475&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=978&adys=7541&adks=987221759&ucis=6&ifi=6&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x627&msz=308x627&psts=AGkb-H-nMjVOdPJ8sEPlLWCWYmk4T4LOkIFOBAYICypBReIyZWSc7AaEy4Kq3Ax_PW_u_T2556S1-3D2jbPEbh-4%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8TASp5cD9P2j5CLniH1FX3SM8vJm_3yZZIu0ExzQBg7iDn0kIn1YPBcKNontCeUHBvSZjHyoqWpo3b3PEl%2CAGkb-H_eSowCF3rsRWgub3BorgEW5Td4HBedkLCCw7nQXwbS_2dEs8YjArdPF0IglIceldYx9TA2svuq8IavmOeI&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
937a6772f22494611163711b3be596523a70d4352fb2f1126242c8b5265e4285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7369
x-xss-protection
0
google-lineitem-id
243791312
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
103914904832
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 16B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurSwv7SlkxAx2AGJCTinDkD-wMiQ5avrqv4jyIAUwXiUjhfNEbfNegNbSINI36uNuS0rgTXertbi_vF4OjKjNj9XtKwbSXzXNAGapP3m4CXWqoOQAOKVcr0Ky2AXbCKKRqlpbJiy1UWHzbfnKEtJRGx3IwLy7YstzoZpyfZgQdeObWB7hk2kqI9RUgHFkK087lYtPzENty3N64iVmWsmp42gCV4EvSJh7K-e5-E8k6Q7X0pUXh3ksg_-I5cZ90dPqdKLnnitg-zvOVc_XBecqtu4wjr6quX8U6IXRjC2tiU8IEoEp8xzhuejHcLVd2IMk4chMFaH-WhXgcOqZutLdm7Ck&sig=Cg0ArKJSzGiuApUznuDrEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
clk
ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547602;sz=970x250;click0=http://insight.adsrvr.org/track/ Frame 16B6 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547602;sz=970x250;click0=http://insight.adsrvr.org/track/clk?imp=1a83fd1f-635f-4d6f-af5b-28b382124f2d&ag=mcjg006&sfe=12c4b945&sig=tswiqY4mwTbvaftSbqigoB-VzLM8cacON4vikLQSLIw.&crid=o0fxk9d7&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=7sp,y29&mcat=&mste=dailymail.co.uk&mfld=4&mssi=None&mfsi=1n1l9xz7a8&sv=rightmedia&uhow=157&agsa=&wp=3.218349&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=55347&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&npt=&svscid=237549&mdl=Chrome%20-%20Windows&ipl=997941&ict=Unknown&said=77f8ffee0cd94fa3a1e010bbb77ffe0e&auct=1&grdc=CAE.&r=;ord=991928;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
8049ef3773c582d7eabc23fe73d28d5c60421adbd5fbda49e38f096891182cae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 16B6 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770918319&dcn=8a9691510171713aaede3c85d0ab0026&posi=997941&grp=%3F%3F%3F&nl=1619867973390&rts=1619867973325&pix=1&et=1&a=e5865b1babcd4ea1b8769a17d68f11b9&m=aXAtMTAtMjItOTktNg..&p=MC4wMDMyMTgzNDk&b=MTE2ODg7MTk1MTtxdWFsY29tbS5jb207Ozs7NzdmOGZmZWUwY2Q5NGZhM2ExZTAxMGJiYjc3ZmZlMGU7MTE3ODgyOzE2MTk4NjUwMDA7OzAuMDAyNzM1NTk2NjU7OzA.&xdi=Q2hyb21lIC0gV2luZG93c3w_Pz98TlQgMTAuMHwxNw..&xoi=MHxCRUw.&hb=true&type=0&af=5&dety=2
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.6.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:43 GMT
last-modified
Thu, 29 Apr 2021 09:46:58 GMT
server
nginx/1.16.1
accept-ranges
bytes
content-length
43
content-type
image/gif
rightmedia
eur-ukp.adsrvr.org/bid/feedback/ Frame 16B6 		807 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eur-ukp.adsrvr.org/bid/feedback/rightmedia?t=1&iid=1a83fd1f-635f-4d6f-af5b-28b382124f2d&crid=o0fxk9d7&wp=3.218349&aid=77f8ffee0cd94fa3a1e010bbb77ffe0e-1&wpc=USD&sfe=12c4b945&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=sr0jhd1&ag=mcjg006&adv=4mvj28f&sig=16jcafVNBlub4nCIg5J8HmpYZGX9nKd_1d9ILp5-Li7s.&bp=3.50800020678270651605&cf=2224661&fq=0&td_s=www.dailymail.co.uk&rcats=7sp,y29&mcat=&mste=dailymail.co.uk&mfld=4&mssi=None&mfsi=1n1l9xz7a8&uhow=157&agsa=&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=55347&did=&rcxt=Other&lat=50.880000&lon=4.500000&tmpc=&daid=&vp=0&osi=&osv=&mdl=Chrome%20-%20Windows&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&ipl=997941&grdc=CAE.&vc=3&said=77f8ffee0cd94fa3a1e010bbb77ffe0e&ict=Unknown&auct=1&im=1&mc=a0444ac9-2db2-47ff-86ff-2ee59c9815bb
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.44.20.105 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
/
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:43 GMT
cache-control
no-cache, must-revalidate
expires
-1
content-type
image/gif
content-length
807
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
skeleton.js
pixel.adsafeprotected.com/rjss/st/697509/54255735/ Frame 16B6 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/697509/54255735/skeleton.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
700c258f4975230e604cd13759cbc6527165077339caef8f8d2cfa3f0c6f3adc

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:43 GMT
content-encoding
gzip
x-server-name
app29.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ca
choices.truste.com/ Frame 16B6 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1787aacb2efc4aa019d5c714f1bd3dc833f12a25e40e7cbb24b28febc66683eb

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:43 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
Rz1PrwgndR1D7BzME_OPHYEJx2yM-8-fL2d4b4_8Rca_OhABKEmjtA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
talon-1.0.31.js
s.yimg.com/ix/ Frame 16B6 		57 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 01 May 2021 11:00:34 GMT
x-content-type-options
nosniff
age
1150
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
b2mG8kgPGLYPGGlfH3zsFBUhCmErd8pAhKBtDlyjC5UAVPz2nJ5Y8YV5XKGSkDFRKR2R5WfURNc=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
5413Z1ZM9AQJQ66E
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 16B6 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782032619693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35920
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:42 GMT
pixel
protected-by.clarium.io/ Frame 16B6 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&v=5&s=9458ddff5445eba825699ba62beb2cd5d53c6bf4&sb=0&cb=5480645&h=www.dailymail.co.uk
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:43 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
products
fff.dailymail.co.uk/ 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fff.dailymail.co.uk/products?articleId=9529785&geo=gb
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-fff/1.6.0/scripts/fff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
x-rs-ops
fff2-fe:8180
date
Sat, 01 May 2021 11:19:50 GMT
content-length
2
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
225114
search.spotxchange.com/openrtb/2.3/dados/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Protocol
HTTP/1.1
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.dailymail.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 01 May 2021 11:19:43 GMT
Content-Type
text/plain;charset=UTF-8
Content-Length
0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Sat, 01 May 2021 11:19:43 GMT
Cache-Control
no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers
content-type,x-openrtb-version
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
2592000
225114
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/225114
Requested by
Host: js.spotx.tv
URL: https://js.spotx.tv/directsdk/v1/234272.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 01 May 2021 11:19:43 GMT
X-SpotX-Timing-Transform
0.000329
X-SpotX-Timing-SpotMarket
0.011196
X-SpotX-Timing-Page-Mux
0.001643
X-SpotX-Timing-Page-Require
0.000445
X-fe
126
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.016773
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000407
Last-Modified
Sat, 01 May 2021 11:19:43 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.011196
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
X-SpotX-Timing-Page-Misc
0.002714
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
non-responsive-widget.20210428-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/non-responsive-widget.20210428-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dailymail-row/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
148874d39f6b3a8604959f4584ad2bd3c1d9604dea491c80bcde27ea3e2e780e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3iM5jZ9qkedoYTa3Vhev2ZXw3XBn4BPt
content-encoding
gzip
etag
"29d8698277f6a2310fe6d43f82e31066"
age
75
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5667
x-amz-id-2
E6LK4+rwYgmZiOqvHEGU6/SehPm4kwtw+MKDtVC7URdHnfHOcbL8id/bppdyzH2MgN+1/x3EBgw=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 28 Apr 2021 18:10:15 GMT
server
AmazonS3
x-timer
S1619867984.661078,VS0,VE0
date
Sat, 01 May 2021 11:19:43 GMT
vary
Accept-Encoding
x-amz-request-id
TGSVC1P663RDPTWQ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
86
x-cache-hits
5
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a67c12faf4b06f2d477080460684bc6552c982a5e29441020a602727ef4163d5

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 01 May 2021 11:19:43 GMT
via
1.1 varnish, 1.1 varnish
age
1627196
edge-cache-tag
322089413535885002890087190934422546620,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
10474
x-request-id
f91e0382c933babf4718cdd0a54c77d9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 30 Mar 2021 21:06:50 GMT
server
nginx
x-timer
S1619867984.718337,VS0,VE0
etag
"75fa7d252eb6ca5b0a052f7166766b89"
x-served-by
cache-wdc5572-WDC, cache-dca17764-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
11a9b15642b0363eff0f99a242a84305.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11a9b15642b0363eff0f99a242a84305.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f5f82397546652004d9f320804e46ac4cad3465ecbc1d78f850c5ab450be737

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:43 GMT
via
1.1 varnish, 1.1 varnish
age
2481833
edge-cache-tag
295925094799410044935824217338449409416,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11a9b15642b0363eff0f99a242a84305.jpg
content-length
4188
x-request-id
8f4a5a01944f595dda43edd5cc7c1ba2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 04 Mar 2021 09:58:44 GMT
server
nginx
x-timer
S1619867984.718392,VS0,VE1
etag
"7555e90a5dc9280f8d38f909c4b3fd79"
x-served-by
cache-wdc5536-WDC, cache-dca12925-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
a6e15cbda5a94034a4451a3acd702473.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6e15cbda5a94034a4451a3acd702473.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3f5cad83cc6708632a79adb075c9624c48576616011ab539f3a6a5fd5e2fe9b7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Sat, 01 May 2021 11:19:43 GMT
via
1.1 varnish, 1.1 varnish
age
1322929
edge-cache-tag
600769593713703440554109659627833714366,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sun, 25 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6e15cbda5a94034a4451a3acd702473.jpg
content-length
12598
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Thu, 25 Mar 2021 17:35:32 GMT
server
nginx
x-timer
S1619867984.718467,VS0,VE89
etag
"0b1635199f872a7e6a4287a02eeb7eb2"
x-served-by
cache-wdc5548-WDC, cache-dca17778-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.1/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.4.1/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ebd517a8c218f4b3553fecdd2a81d13d2ed81475b8a188755c7b4cfe67fa1d3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:43 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 varnish
age
1217713
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
27678
x-served-by
cache-fra19147-FRA
last-modified
Sat, 17 Apr 2021 09:03:25 GMT
server
AmazonS3
x-timer
S1619867984.718705,VS0,VE0
etag
"c4646eb2248c899813b21173af88f427"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
kL7R3tvzdH87LNPc2L97DP0Fsqc9Dak-V1ZrREA-4T8UwctwEOYMvA==
x-cache-hits
115001
PugMaster
image6.pubmatic.com/AdServer/ Frame 1727 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66109028&p=156054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
62946642cd145d13a817d8fa5fccfa08ac7a27b20dac836159c6ce0e6ae07a81

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:43 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 579A 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:43 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.209:80
AN-X-Request-Uuid
7c19fa10-d81d-446a-8cfd-24bee45262ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1434 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 1434
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJVbNgQomt-hBpfEtnBYZ0A&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJVbNgQomt-hBpfEtnBYZ0A&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJVbNgQomt-hBpfEtnBYZ0A&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1434
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NjI3MTk4MDIwMTE4NDI2NzQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NjI3MTk4MDIwMTE4NDI2NzQ%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NjI3MTk4MDIwMTE4NDI2NzQ%3D
date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 1434 		42 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=7090362206620479910&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:43 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: C0C1B1399E414F8EB52D96C43FEE75E1 Ref B: FRAEDGE1306 Ref C: 2021-05-01T11:19:44Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 1434
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/7090362206620479910?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-SSkaeQRE2oTp30Yjdj4aBr8bCHxGGebCs3t6YBug1g--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-SSkaeQRE2oTp30Yjdj4aBr8bCHxGGebCs3t6YBug1g--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 01 May 2021 11:19:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-SSkaeQRE2oTp30Yjdj4aBr8bCHxGGebCs3t6YBug1g--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1434
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5113621828939330411&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5113621828939330411&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid
521a41b0-a0de-4c42-a7c0-73eed46b594e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=5113621828939330411&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 1434
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7090362206620479910
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7090362206620479910&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7090362206620479910&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7090362206620479910&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1434
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 1434 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=7090362206620479910
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 1434 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=7090362206620479910
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 046B 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24970
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sat, 01 May 2021 18:15:53 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BBE6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d0ccf366564444da20f7e2c5d48ca9fff9ebc3c8487bb425cd8945ae4f27e990

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YI05Tai0YTdwuhMqzashnwAA; CMPS=1128; CMPRO=1211; CMRUM3=2d608d394d05a0&e6608d394d27600&f1608d394d05a0&41608d394d05a0&9c608d394d05a00&27608d394d0b40&40608d394d05a0&be608d394d05a0; CMST=YI05TWCNOU0A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|3|4|111|31|47|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1556
Expires
Sat, 01 May 2021 11:19:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YI05Tai0YTdwuhMqzashnwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:44 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:44 GMT CMPRO=1211;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 11:19:44 GMT CMST=YI05TWCNOVAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 02 May 2021 11:19:44 GMT CMRUM3=f1608d394d05a0&e6608d394d27600&2e608d395005a0&1f608d395005a00&40608d394d05a0&6f608d395005a0&be608d394d05a0&c4608d395005a0&03608d395005a0&2d608d394d05a0&41608d394d05a0&49608d395005a00&9c608d394d05a00&27608d394d0b40&04608d395005a0&2f608d395005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 May 2022 11:19:44 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8540
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4fc5608d-394c-4f00-9cc6-c44e6fdb818a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4fc5608d-394c-4f00-9cc6-c44e6fdb818a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 01 May 2021 11:21:24 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4fc5608d-394c-4f00-9cc6-c44e6fdb818a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 May 2021 11:21:23 GMT
sd
us-u.openx.net/w/1.0/ Frame 8540
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=o7z_g6a18te4vvXSpe_q16bqpYS4vfWBp7xyMEHl
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=o7z_g6a18te4vvXSpe_q16bqpYS4vfWBp7xyMEHl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=o7z_g6a18te4vvXSpe_q16bqpYS4vfWBp7xyMEHl
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8540
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=760253858157091964
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=760253858157091964
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=760253858157091964
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 8540 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=edd40413-834a-7f93-eb29-bfa5ee6f2789&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8540 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzFiYmQ3ZDktNGEzZC0yMTM3LWZlYzktZTUxYzI0OGRlOWU5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8540
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9OggHmZDC3VSI-QVDg3jE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9OggHmZDC3VSI-QVDg3jE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=36664cef-3484-4aa7-9d01-fa4f6f6b2d4e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9OggHmZDC3VSI-QVDg3jE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3D6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutmiP7rj_fTIAyPP57yM5m1gPzPRgncE1iGXughP_FVNIjwRvqzrnYwmBWOZi5m5Ss7U3kFQVR4oaURkTLVf-3x7A-NL0EqeSMV7NC5RQFQdyos_WuYubqtRXoXGL_KKdsPM9kNoH-IwfaxJ1rcs9yuXj5gyZmFD746_OJmCNSvkhsJgZ-08OnUQ4IiiB1VkdPqUGBsTd23ggVrYW60Sg34T1xwgGY4_2yzfBrdckoE4ekDz7jhx8qfnN38zdWhuaIxRNiHcBZN6JOFhPBERsRzJlF6Xn7gPBfnb1ydWsyXVwisDVFWGx-RSy457dGP8OUkiyuN0Jb09K4DJ78fiPE&sig=Cg0ArKJSzEsQCkZQFJsUEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ttj
ib.3lift.com/ Frame 3D6D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=dailymail_desktop_box_mpu_top_prebid
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOakkzTnpVMU1qb3pNREI0TWpVdyIsIndkIjp7Im8iOiI0MDYyNzc1NTIiLCJ3IjozMDAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
67ad4d306a24190090dcf06e862493513527c0f52690b97e03a09339c4857bba

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:11:44 GMT
via
1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
age
596
etag
"7f8ff6638ac3d335a068d4a97bd1b508"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
AMS1-C1
content-encoding
gzip
content-length
3049
x-amz-cf-id
F0xpK521G486g0nTml1YdtNKQcJxxEl-gHLiG_D71oWkt5GdxNJEkA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D6D 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOakkzTnpVMU1qb3pNREI0TWpVdyIsIndkIjp7Im8iOiI0MDYyNzc1NTIiLCJ3IjozMDAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782032619693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35920
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:44 GMT
notify
tlx.3lift.com/header/ Frame 3D6D 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=3.087&ts=1619867973&aid=47031069887385745714&ec=3658_16687_sqh3smbl&n=GgDyAqkBCAASFDQ3MDMxMDY5ODg3Mzg1NzQ1NzE0GAAgASjKHDCvggFAAUgAUABgCmgAcJFHkAEAmAEAqAEAsAG0G7gBPMABjxjIAbQb4AFG8AEA%2BAG0G4ACjxiIAkaRAgAAAAAAAPA%2FmQK4HoXrUbi%2BP6ECAAAAAAAA8D%2BoAgCwAgLIAgTYAgDxAmZmZmZmZuY%2F%2BALuJIADrAKIA%2FoBkAMAmAMAoAMAuAPZaMADAPgCDIgDAJIDBDBjZmQ%3D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.105.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pixel
protected-by.clarium.io/ Frame 3D6D 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&v=5&s=fb5b2a78a5557646ed109e748f1c9b58a626a65e&sb=0&cb=953760&h=www.dailymail.co.uk
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Csky_left_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&prev_scp=maxbid%3D2.53%26maxbidpk%3D6%26maxbid_bidder%3Drubicon%26pos%3Dsky_left_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D17%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Drubicon%26hb_adid%3D222b987f9e95f262%26hb_pb%3D2.53%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_rubicon%3D222b987f9e95f262%26hb_pb_rubicon%3D2.53%26hb_size_rubicon%3D300x600%26hb_source_rubicon%3Dclient%26hb_format_rubicon%3Dbanner%26hb_skin_rubicon%3Dfalse%26hb_adid_appnexus%3D226614c3688ed7a2%26hb_pb_appnexus%3D0.02%26hb_size_appnexus%3D300x600%26hb_source_appnexus%3Dclient%26hb_format_appnexus%3Dbanner%26hb_skin_appnexus%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie=ID%3D43e9124a7804dba6%3AT%3D1619867978%3AS%3DALNI_Mb7WQucHF4osum28v1ZJQltzZovjQ&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867984284&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=3&adys=20&adks=2894056308&ucis=7&ifi=7&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x620&msz=300x600&psts=AGkb-H-nMjVOdPJ8sEPlLWCWYmk4T4LOkIFOBAYICypBReIyZWSc7AaEy4Kq3Ax_PW_u_T2556S1-3D2jbPEbh-4%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8TASp5cD9P2j5CLniH1FX3SM8vJm_3yZZIu0ExzQBg7iDn0kIn1YPBcKNontCeUHBvSZjHyoqWpo3b3PEl%2CAGkb-H_eSowCF3rsRWgub3BorgEW5Td4HBedkLCCw7nQXwbS_2dEs8YjArdPF0IglIceldYx9TA2svuq8IavmOeI&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2ca29363c249440ba24111b07e83d1c723d013d039a1bfd9ad3b6fa77168c9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7376
x-xss-protection
0
google-lineitem-id
239487752
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
103913121632
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Csky_right_top&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&prev_scp=maxbid%3D2.53%26maxbidpk%3D6%26maxbid_bidder%3Drubicon%26pos%3Dsky_right_top%26amznbid%3D2%26amznp%3D2%26adx_channel%3D7%26nobids%3Dfalse%26refreshCount%3D0%26hb_bidder%3Drubicon%26hb_adid%3D220adab7b769de71%26hb_pb%3D2.53%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_rubicon%3D220adab7b769de71%26hb_pb_rubicon%3D2.53%26hb_size_rubicon%3D300x600%26hb_source_rubicon%3Dclient%26hb_format_rubicon%3Dbanner%26hb_skin_rubicon%3Dfalse%26hb_adid_appnexus%3D22535a299db0ca94%26hb_pb_appnexus%3D0.29%26hb_size_appnexus%3D120x600%26hb_source_appnexus%3Dclient%26hb_format_appnexus%3Dbanner%26hb_skin_appnexus%3Dfalse%26hb_adid_adyoulike%3D230be5523755ba16%26hb_pb_adyoulike%3D0.80%26hb_size_adyoulike%3D300x600%26hb_source_adyoulike%3Dclient%26hb_format_adyoulike%3Dbanner%26hb_skin_adyoulike%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie=ID%3D43e9124a7804dba6%3AT%3D1619867978%3AS%3DALNI_Mb7WQucHF4osum28v1ZJQltzZovjQ&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867984304&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=1297&adys=20&adks=1812723490&ucis=8&ifi=8&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x620&msz=300x600&psts=AGkb-H-nMjVOdPJ8sEPlLWCWYmk4T4LOkIFOBAYICypBReIyZWSc7AaEy4Kq3Ax_PW_u_T2556S1-3D2jbPEbh-4%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8TASp5cD9P2j5CLniH1FX3SM8vJm_3yZZIu0ExzQBg7iDn0kIn1YPBcKNontCeUHBvSZjHyoqWpo3b3PEl%2CAGkb-H_eSowCF3rsRWgub3BorgEW5Td4HBedkLCCw7nQXwbS_2dEs8YjArdPF0IglIceldYx9TA2svuq8IavmOeI&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
888db2f2fdff7b451b5f49a60c5911f37c8c759b0abfb7a09bacc59042c5c835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7435
x-xss-protection
0
google-lineitem-id
239487752
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
103913121872
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3969
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05SprvzqpCTpf4L7IojAAABGkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05SprvzqpCTpf4L7IojAAABGkAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05SprvzqpCTpf4L7IojAAABGkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05SprvzqpCTpf4L7IojAAABGkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3969
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YI05SprvzqpCTpf4L7IojAAABGkAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 01 May 2021 11:19:45 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3969 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YI05SprvzqpCTpf4L7IojAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3969
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI05Tai0YTdwuhMqzashnwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 May 2021 11:19:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3969
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I2o77CJU1LCNEY5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I2o77CJU1LCNEY5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 May 2021 11:19:47 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:45 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-0be8967e1153531ee@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=I2o77CJU1LCNEY5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
YI05SprvzqpCTpf4L7IojAAABGkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3969
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YI05SprvzqpCTpf4L7IojAAABGkAAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YI05SprvzqpCTpf4L7IojAAABGkAAAIB
43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YI05SprvzqpCTpf4L7IojAAABGkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 01 May 2021 11:19:44 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YI05SprvzqpCTpf4L7IojAAABGkAAAIB
Connection
keep-alive
Content-Length
0
index
dmp.brand-display.com/cm/api/ Frame 3969 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
via
1.1 google
last-modified
Sat, 01 May 2021 11:19:44 GMT
server
nginx/1.20.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 01 May 2021 11:19:45 GMT
sync
x.bidswitch.net/ Frame 3969 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.13.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 3969 		43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YI05SprvzqpCTpf4L7IojAAA%261129
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.47.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
undefined
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
43
x-served-by
engine-production-i-0627539e5e030baeb
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 0278
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a&tbid=2a418ab0-9597-455e-85ca-e4d1d3d7c720-tuct786bed4&query=taboola_hm%3Da1d46c6f-852e-...
0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a&tbid=2a418ab0-9597-455e-85ca-e4d1d3d7c720-tuct786bed4&query=taboola_hm%3Da1d46c6f-852e-4eeb-a07f-59024c7f124a&isDirect=0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1619867990.589436,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19165-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a1d46c6f-852e-4eeb-a07f-59024c7f124a&tbid=2a418ab0-9597-455e-85ca-e4d1d3d7c720-tuct786bed4&query=taboola_hm%3Da1d46c6f-852e-4eeb-a07f-59024c7f124a&isDirect=0
tbl-x-upstream
10.41.22.84:10213
date
Sat, 01 May 2021 11:19:49 GMT
server
nginx
x-fastly-to-nlb-rtt
3907
sd
u.openx.net/w/1.0/ Frame 0278 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
dsp.adkernel.com/ Frame 0278 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=281&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
sync.php
pixel.rubiconproject.com/exchange/ Frame 0278 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 0278
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=MKe92sI80Q40&ev=1&orig=trc&pid=562107
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=MKe92sI80Q40&ev=1&orig=trc&pid=562107
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Sat, 01 May 2021 11:19:45 GMT
server
nginx
x-fastly-to-nlb-rtt
8756

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=MKe92sI80Q40&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-l6kmw
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 0278
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=5113621828939330411&orig=trc
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=5113621828939330411&orig=trc
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Sat, 01 May 2021 11:19:45 GMT
server
nginx
x-fastly-to-nlb-rtt
9428

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.54:80
AN-X-Request-Uuid
58dab0ca-2798-4585-a5b1-e28c2c0b0b7c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=5113621828939330411&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 0278
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENeKtTCG4Ox7dyc4Da72zYk&google_cver=1
0
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENeKtTCG4Ox7dyc4Da72zYk&google_cver=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
59
date
Sat, 01 May 2021 11:19:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1619867985.352580,VS0,VE59
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19147-FRA

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENeKtTCG4Ox7dyc4Da72zYk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0278 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca:$UID
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:44 GMT
X-lat
lhrpug001:0:489
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 0278
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b3dc73dd-82cc-4e44-a376-17276b5c591d-tuct786bed0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b3dc73dd-82cc-4e44-a376-17276b5c591d-tuct786bed0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=b3dc73dd-82cc-4e44-a376-17276b5c591d-tuct786bed0
tbl-x-upstream
10.40.0.134:10213
date
Sat, 01 May 2021 11:19:44 GMT
server
nginx
x-fastly-to-nlb-rtt
4107
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 0278
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
58
date
Sat, 01 May 2021 11:19:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1619867985.467102,VS0,VE58
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19147-FRA

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 0278
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0278 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-nsp9m
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 0278 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 0278 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:46 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0278
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a2e71bfd-f4e9-43f6-9a59-3d5b2592bbe2
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a2e71bfd-f4e9-43f6-9a59-3d5b2592bbe2
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sat, 01 May 2021 11:19:45 GMT
server
nginx
x-fastly-to-nlb-rtt
4156

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a2e71bfd-f4e9-43f6-9a59-3d5b2592bbe2
cache-control
no-cache
date
Sat, 01 May 2021 11:19:44 GMT
server-processing-duration-in-ticks
2464
content-type
text/html; charset=utf-8
content-length
222
expires
Sat, 01 May 2021 00:00:00 GMT
18.gif
id5-sync.com/qp/ Frame 0278
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8irmiLFZjAFqkZYWTZGrgBR0Qx7wmfW-ao4qmA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e0fd4052-3b4c-4a2c-8e36-a1800f204f7c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&dom...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5021937871024251783&opid=apx&ops=&utidl=tech:goo:CAESEEM34v3hcJ3EwvchDj39cTs&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:53 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/qp/18.gif?puid=vec%3A17232866755&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date
Sat, 01 May 2021 11:19:55 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 0278
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=yjOUiyA_AG-mUnMtUjmNYA
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=yjOUiyA_AG-mUnMtUjmNYA
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sat, 01 May 2021 11:19:46 GMT
server
nginx
x-fastly-to-nlb-rtt
8189

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=yjOUiyA_AG-mUnMtUjmNYA
date
Sat, 01 May 2021 11:19:46 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 0278 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:27 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 0278
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=c175ecff-85d2-414d-bb25-dd2a01795253&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=c175ecff-85d2-414d-bb25-dd2a01795253
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c175ecff-85d2-414d-bb25-dd2a01795253
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c175ecff-85d2-414d-bb25-dd2a01795253
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Sat, 01 May 2021 11:19:47 GMT
server
nginx
x-fastly-to-nlb-rtt
6153

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c175ecff-85d2-414d-bb25-dd2a01795253
date
Sat, 01 May 2021 11:19:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
robots.txt
t.skimresources.com/api/v2/ Frame 2F40 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.847000260247001
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		0
0
px.gif
p.skimresources.com/ 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 353C 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1117
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Sat, 01 May 2021 12:01:07 GMT
87622335-0647-4345-a5f0-44c40dafebab
crb.kargo.com/api/v1/initsync/ Frame 56DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsync/87622335-0647-4345-a5f0-44c40dafebab?partners=Tapad,ttd,mediamath,DBM,LiveRamp
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.128.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
crb.kargo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Date
Sat, 01 May 2021 11:19:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Krk-Reject-Reason
consent
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
Connection
keep-alive
sync-success
klkstrm.kargo.com/event/ 		0
0
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 16B6 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 14:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74915
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 May 2021 14:31:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 16B6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjMxNzYzMjo5NzB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOak14TnpZek1qbzVOekI0TWpVdyIsIndkIjp7Im8iOiI0MDYzMTc2MzIiLCJ3Ijo5NzAsImgiOjI1MH0sIndyIjoyfQ==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:18:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 16B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 04:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22920
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 04:57:45 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 16B6 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/697509/54255735/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 16:37:27 GMT
content-encoding
gzip
age
931339
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
AmazonS3
etag
W/"3bc122544b299af3472a4ba27ce7978f"
vary
Accept-Encoding
x-amz-version-id
YnDfosEmPFk1USroKyX80ierLiGWq8lS
via
1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
38bOTi8JzoQbi43OBiTTBecQ0KHJAmxzL4rRHT7-dgWEiB0rVvhDpA==
truncated
/ Frame 16B6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19261f4b4e4e062664871b2d3837b4ce34a65c6e958f6fa8a31be2e876a65f2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bulk
trc.taboola.com/dailymail-row/log/3/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-row/log/3/bulk?tvi2=2512&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
58
pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1619867985.334099,VS0,VE58
x-served-by
cache-fra19147-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
khaos.jpg
token.rubiconproject.com/ Frame 046B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 9164
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8261619582308977356
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8261619582308977356
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66109028&p=156054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_336=5844-8261619582308977356; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&KRTB&16736-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&KRTB&23019-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&KRTB&23114-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a; KRTBCOOKIE_57=22776-5113621828939330411; KRTBCOOKIE_377=6810-27fbb4d7-e69f-42dd-9a86-35b8153e5be6&KRTB&22918-27fbb4d7-e69f-42dd-9a86-35b8153e5be6&KRTB&23031-27fbb4d7-e69f-42dd-9a86-35b8153e5be6; KRTBCOOKIE_80=16514-CAESECdU4_TqDP4IN-wjMgT7zgw&KRTB&22987-CAESECdU4_TqDP4IN-wjMgT7zgw&KRTB&23025-CAESECdU4_TqDP4IN-wjMgT7zgw; KRTBCOOKIE_391=22924-760253858157091964&KRTB&23263-760253858157091964; KADUSERCOOKIE=5731BC14-BF69-4F9B-A889-B31B0AEEC862; chkChromeAb67Sec=1; DPSync3=1621036800%3A226_221_201_227; SyncRTB3=1621036800%3A13_56_21_54_161_7_3_71_220%7C1621123200%3A35; KRTBCOOKIE_1235=23226-36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca:$UID; PugT=1619867984
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 01 May 2021 11:19:44 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8261619582308977356; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 31-May-2021 11:19:44 GMT; path=/ PugT=1619867984; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 31-May-2021 11:19:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Jul-2021 11:19:44 GMT; path=/
X-lat
amspug015:0:353
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8261619582308977356
set-cookie
guid=1.8261619582308977356; Max-Age=31104000; Path=/; Domain=.de17a.com;
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 85EB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66109028&p=156054&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_336=5844-8261619582308977356; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&KRTB&16736-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&KRTB&23019-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&KRTB&23114-uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a; KRTBCOOKIE_57=22776-5113621828939330411; KRTBCOOKIE_377=6810-27fbb4d7-e69f-42dd-9a86-35b8153e5be6&KRTB&22918-27fbb4d7-e69f-42dd-9a86-35b8153e5be6&KRTB&23031-27fbb4d7-e69f-42dd-9a86-35b8153e5be6; KRTBCOOKIE_80=16514-CAESECdU4_TqDP4IN-wjMgT7zgw&KRTB&22987-CAESECdU4_TqDP4IN-wjMgT7zgw&KRTB&23025-CAESECdU4_TqDP4IN-wjMgT7zgw; KRTBCOOKIE_391=22924-760253858157091964&KRTB&23263-760253858157091964; KADUSERCOOKIE=5731BC14-BF69-4F9B-A889-B31B0AEEC862; chkChromeAb67Sec=1; DPSync3=1621036800%3A226_221_201_227; SyncRTB3=1621036800%3A13_56_21_54_161_7_3_71_220%7C1621123200%3A35; KRTBCOOKIE_1235=23226-36be7cee-86ef-4023-a7c4-f53a726279a3-tuct786beca:$UID; PugT=1619867984
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 01 May 2021 11:19:45 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Jul-2021 11:19:45 GMT; path=/
X-lat
lhrpug015:0:409
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Sat, 01 May 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
3407
x-powered-by
ASP.NET
date
Sat, 01 May 2021 11:19:45 GMT
content-length
205
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1727
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzG8FL9pT5uoibMbCu7IYg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=46791
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 02 May 2021 00:19:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1727 		95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5731BC14-BF69-4F9B-A889-B31B0AEEC862
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64889ddd6a511782-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09c940fe69000017820139c000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 1727 		42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5731BC14-BF69-4F9B-A889-B31B0AEEC862&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:43 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=5731BC14-BF69-4F9B-A889-B31B0AEEC862&gdpr=
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5731BC14-BF69-4F9B-A889-B31B0AEEC862&addseg=20
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTczMUJDMTQtQkY2OS00RjlCLUE4ODktQjMxQjBBRUVDODYy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:44 GMT
X-lat
amspug002:0:741
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdU4_TqDP4IN-wjMgT7zgw&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdU4_TqDP4IN-wjMgT7zgw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:45 GMT
X-lat
amspug003:0:432
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdU4_TqDP4IN-wjMgT7zgw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1727 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 30 Apr 2021 11:19:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=760253858157091964
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=760253858157091964
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:46 GMT
X-lat
lhrpug003:0:413
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=760253858157091964
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:46 GMT
X-lat
lhrpug002:0:2959
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=27fbb4d7-e69f-42dd-9a86-35b8153e5be6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:46 GMT
X-lat
lhrpug020:0:457
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 01 May 2021 11:21:25 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 May 2021 11:21:24 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1727
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5113621828939330411&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5113621828939330411&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:45 GMT
X-lat
amspug006:0:355
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:45 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid
88de251e-9bd8-497d-b34d-4292320dcb43
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5113621828939330411&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5731BC14-BF69-4F9B-A889-B31B0AEEC862
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1727 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/5731BC14-BF69-4F9B-A889-B31B0AEEC862?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
clarium.global.ssl.fastly.net/ Frame A976 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
703b3df998bdb71d329c999f11d766507118d77b2507d7a097ad8107b915bc94

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:48 GMT
Content-Encoding
gzip
Age
297
X-Cache-Status
hit
X-Cache
HIT
X-Cache-Hits
2
Connection
keep-alive
Content-Length
34012
X-Served-By
cache-ams21082-AMS
Pragma
no-cache
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1619867989.823524,VS0,VE0
ETag
92008f177927b4f3b6e0eb8a58b7bd5a472ff812
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 04:59:59 GMT
bundle.js
ib.3lift.com/rev/33ee2308e5593c82b3b680a193af51ef5c205529/dist/ 		238 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/33ee2308e5593c82b3b680a193af51ef5c205529/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=dailymail_desktop_box_mpu_top_prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c955ba1b5002911b8b5670fee7c35d7011701b16266fc6b758602bbe8de7a5cf

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 19:14:34 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 18:37:47 GMT
server
AmazonS3
age
230712
etag
"d12f2f35275e02354fe48e23905b0340"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
77614
x-amz-cf-id
3cC9hfPl9Rz9RlDV-ejURcVgK3tmIW1pO4D9PK5J8K0W1Zfj9f0N4A==
truncated
/ Frame 3D6D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c36043d0e048cedc43144411dcd8a8f1e73a40d225e2d016ff86c2f9b497cdc6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3D6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssps-MjP2YXf7aJmleBzXlSCbxY30k14-SkFFNPSOsud26hZViXfHwbnc3eD1V1f3ku7b7FzXaGKEKb9rfmRGNh6fRE8IpsUeG7PZXlBD3T2W0PA0HNj5rmsv5Rx8gQBsvho7rQAdri7bXBHBNGP4-2uyutXUxUC3gkX35vtfiIFH8M1eSINFrqkSPo-MagqVI1eEME5p4ZWdV0G2tZY1UVIhfxIJ3BlAcMdlss6anKNn1VvHN_GggKIlIjrkjogc-sat8LrcbBmH9MHRc8tdFlKDF2xXDe47OZlfoUbqzIJX2Q-4LphplI17ggPW56_AkZbs9SsiZ_erNs-a8eq-J-Lss&sig=Cg0ArKJSzPTI3SKpbcKOEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 01 May 2021 11:19:45 GMT
async_usersync
ib.adnxs.com/ Frame 579A 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:45 GMT
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.77:80
AN-X-Request-Uuid
24eb198e-c046-489b-b4fa-2abc914c8366
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F4KTGA75PCDVZYDENATBA45A&persistence=1&checksum=90eec0b33bf5f6ee6d02cb00b31e5a6504775f86afaaf424638cda8d9b5e98c9
192 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01F4KTGA75PCDVZYDENATBA45A&persistence=1&checksum=90eec0b33bf5f6ee6d02cb00b31e5a6504775f86afaaf424638cda8d9b5e98c9
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty/1.11.2.5 /
Resource Hash
ca19429f9a71b3c68846025f6f1f047f4ab82e2349ce51985b96f28b51c7f3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.dailymail.co.uk
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Sat, 01 May 2021 11:20:02 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://www.dailymail.co.uk
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F4KTGA75PCDVZYDENATBA45A&persistence=1&checksum=90eec0b33bf5f6ee6d02cb00b31e5a6504775f86afaaf424638cda8d9b5e98c9
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
casale
match.adsrvr.org/track/cmf/ Frame 5E51 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YI05Tai0YTdwuhMqzashnwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5E51
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI05Tai0YTdwuhMqzashnwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 May 2021 11:19:47 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPyjxeb0GYPH2nkAirCj7NM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5E51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YI05Tai0YTdwuhMqzashnwAABLsAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 01 May 2021 11:19:46 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEGkwapY3NdtrlJVPol_DXa4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5E51
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05Tai0YTdwuhMqzashnwAABLsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05Tai0YTdwuhMqzashnwAABLsAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05Tai0YTdwuhMqzashnwAABLsAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI05Tai0YTdwuhMqzashnwAABLsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 5E51 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5E51 		0
0
cookiesync
bttrack.com/pixel/ Frame 5E51 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sat, 01 May 2021 11:19:26 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum.casalemedia.com/ Frame 5E51
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619954385&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619954385&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 01 May 2021 11:19:46 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619954385&gdpr=1
pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 5E51 		43 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=YI05Tai0YTdwuhMqzashnwAA%261211
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.47.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:46 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
Server
nginx/1.16.1
x-powered-by
adzerk bifrost/
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
undefined
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Content-Length
43
x-served-by
engine-production-i-0ac5d8cd6ee116bbc
/
clarium.global.ssl.fastly.net/ Frame 3338 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
703b3df998bdb71d329c999f11d766507118d77b2507d7a097ad8107b915bc94

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:48 GMT
Content-Encoding
gzip
Age
297
X-Cache-Status
hit
X-Cache
HIT
X-Cache-Hits
3
Connection
keep-alive
Content-Length
34012
X-Served-By
cache-ams21082-AMS
Pragma
no-cache
Access-Control-Allow-Origin
*
Server
nginx
X-Timer
S1619867989.876808,VS0,VE0
ETag
92008f177927b4f3b6e0eb8a58b7bd5a472ff812
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Expires
Sat, 26 Jul 1997 04:59:59 GMT
SiteEvent.dotmetrics
uk-script.dotmetrics.net/ 		316 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6NDYxNSwiZmwiOnRydWUsImRvbSI6Ind3dy5kYWlseW1haWwuY28udWsiLCJmc28iOm51bGwsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuZGFpbHltYWlsLmNvLnVrL3dpcmVzL3JldXRlcnMvYXJ0aWNsZS05NTI5Nzg1L0FmdGVyLW1hc2tlZC1idW5uaWVzLUJlbGdpYW4tYXJ0aXNhbi1zaGlmdHMtY2hvY29sYXRlLXN5cmluZ2VzLmh0bWw%2FX2hzbWk9ODg5NzQ3NDQmX2hzZW5jPXAyQU5xdHotLVV3X1E1b3JZamFzVU5TM0tyR0VmNmlLYnBKWXZDc19CVFdfV1d0bWlKUFhXX2VROU4xcjlLY192Y2E4ZUFLSm9JeWowY2xuV2ZKRzlTMHZjWWhFaWcyVllSYjhkdmd4OXJpYVh0VEF6RlkxbUZ5eVkiLCJydXJsIjoiIiwicHZzIjoxLCJwdmlkIjoia281bmtoM2RjazNvbnA2a3k4Iiwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1619867985916
Requested by
Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/Scripts/script.js?v=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0dbc6e23e0ad3a671c3246813fdf306b803118f2d3a3cc74fdfb97c4bf9e05af

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
AMS1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
Re9CLmLltea-wDN8478-2ZhBFlf_rGIoTsGL2GfYUoa98cCQ_-a3wQ==
c57dfb5a1dc8caf3e693a8ff256c2fa0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/c57dfb5a1dc8caf3e693a8ff256c2fa0.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94597c556eef4fd01fe311a447e7669584180256fd43b20d63891a163816283e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_1CnRRpv3WkY4YE.dnJelea3F83vhEw3
via
1.1 varnish
etag
"711a74dedf1d787839244bcd8af73473"
age
24615
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
20549
x-amz-id-2
11R3av+qG4XnGgfXqAKyfrJZ3feavXxgdtWADDlxGqG+nsS/WK1uqAXpvOUzK8lk3ec5WiNxEao=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 24 Jun 2015 03:49:58 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1415049902/atime:1435052170/md5:711a74dedf1d787839244bcd8af73473/ctime:1422381536
x-timer
S1619867987.670881,VS0,VE0
date
Sat, 01 May 2021 11:19:46 GMT
x-amz-request-id
ECDPZ71Z95TAADQ7
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
16
x-cache-hits
5
59c117bc88bbdeb72aa0f547e69e41ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59c117bc88bbdeb72aa0f547e69e41ec.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12428d09342658cc26a1b6b21b9d2f495dacf4e80332749d2dc095ca2dd4f160

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
933933
edge-cache-tag
558432203953614086582314649392400351277,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Thu, 20 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59c117bc88bbdeb72aa0f547e69e41ec.jpg
content-length
11294
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 19 Apr 2021 09:50:33 GMT
server
nginx
x-timer
S1619867987.705651,VS0,VE1
etag
"4077177ec5e97042ca24f86e92a1adf9"
x-served-by
cache-wdc5573-WDC, cache-dca17743-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
5782c2eabfdc3a7f78bcace4655ca74e_1000x600_2586c1bccb05b19ad2fc172c6539168f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/5782c2eabfdc3a7f78bcace4655ca74e_1000x600_2586c1bccb05b19ad2fc172c6539168f.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69596c3d04dadbea44e08cda9497db53593ae425026fc8b124968891d56628b9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
1208840
edge-cache-tag
388443271065614553772502673923289031411,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Mon, 26 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/5782c2eabfdc3a7f78bcace4655ca74e_1000x600_2586c1bccb05b19ad2fc172c6539168f.png
content-length
9738
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Fri, 26 Mar 2021 11:30:39 GMT
server
nginx
x-timer
S1619867987.741484,VS0,VE1
etag
"8a691ea947b60eff3ca27010f2a12f41"
x-served-by
cache-wdc5564-WDC, cache-dca17732-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
instantdivorce1_1000x600_dd02a624664afc3e2fd197996e4451ba.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/instantdivorce1_1000x600_dd02a624664afc3e2fd197996e4451ba.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fec21ad311f24b8f3aff8103bf76301ded15af23a7838e736439b131d07b212

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
1318337
edge-cache-tag
294369875727493602598338406628082179186,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/instantdivorce1_1000x600_dd02a624664afc3e2fd197996e4451ba.png
content-length
7454
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 06 Apr 2021 12:33:33 GMT
server
nginx
x-timer
S1619867987.773898,VS0,VE0
etag
"fbce925b51bc89d053177fe6b7f4e260"
x-served-by
cache-wdc5551-WDC, cache-dca17753-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 884
10a36a6c80295801d49930ecfeca36f8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10a36a6c80295801d49930ecfeca36f8.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cff7b5273b2ec8ea689c393cf49341a0118f75bd50ca1c0e7bb8f2c45de1b0ee

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
213995
edge-cache-tag
520791892416332991972164425094890072266,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10a36a6c80295801d49930ecfeca36f8.jpg
content-length
7192
x-request-id
f499973f76106777da34a45041b223a9
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 27 Apr 2021 11:57:13 GMT
server
nginx
x-timer
S1619867987.828479,VS0,VE1
etag
"69f58fb3255f4e6bc488880eec541749"
x-served-by
cache-wdc5577-WDC, cache-dca17757-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
126df4437e1f9ba3043d579b22edd827_1000x600_afe5b8a2b59014d5cb197d19e71573b5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/126df4437e1f9ba3043d579b22edd827_1000x600_afe5b8a2b59014d5cb197d19e71573b5.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
723049a80d7c8ffab8a91f797c9dced4ea4762586fe922478a19c2cdfd4aaf50

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
4405165
edge-cache-tag
433783008445635331339915531670006686301,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/126df4437e1f9ba3043d579b22edd827_1000x600_afe5b8a2b59014d5cb197d19e71573b5.png
content-length
11522
x-request-id
9c31a68e12fb40f32523e29edd92daa6
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Sat, 06 Mar 2021 21:07:41 GMT
server
nginx
x-timer
S1619867987.859308,VS0,VE1
etag
"b99dd0e23c8a2fed3d32d12a831a3165"
x-served-by
cache-wdc5549-WDC, cache-dca17743-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
edec516a2d687564cef769c34170b1db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edec516a2d687564cef769c34170b1db.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3e589793e1e9c8b771d00aab364191ca3662933e89a37822e495d6507b0ad1f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
3178074
edge-cache-tag
293386427038188382074246702771903125087,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
68
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/edec516a2d687564cef769c34170b1db.jpg
content-length
7788
x-request-id
0774af00dbb86065b5d198bcc9d702e6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 15 Mar 2021 11:49:43 GMT
server
nginx
x-timer
S1619867987.896609,VS0,VE1
etag
"95a667babe9753c4049d8f22b134b1a2"
x-served-by
cache-wdc5524-WDC, cache-dca12923-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
2
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
e7f2dc9bb5bff0b7cf7f2a89c7077a94.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e7f2dc9bb5bff0b7cf7f2a89c7077a94.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d701bd91c5953c8bb6e194644fd8edde2f7d0b28a242add279f9b26a04fb36b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
3211962
edge-cache-tag
599269604718071095157781445453133414981,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e7f2dc9bb5bff0b7cf7f2a89c7077a94.jpg
content-length
11234
x-request-id
294aec679f6b7473d6b161697554d04b
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 04 Mar 2021 09:49:44 GMT
server
nginx
x-timer
S1619867987.929193,VS0,VE1
etag
"08fad08ef9f44a916fa07c211b3f2562"
x-served-by
cache-wdc5576-WDC, cache-dca12924-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
c6fa7de7188ffbe692ab9806ee21f781.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6fa7de7188ffbe692ab9806ee21f781.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8fc03ee75325911fa952d8c176671e6254779221cd1432f2675ec3449489ef67

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
4111544
edge-cache-tag
345140618740602777744178665591812170957,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6fa7de7188ffbe692ab9806ee21f781.jpg
content-length
7210
x-request-id
5e8b4827e1fd76ce9ed730325a1d67d9
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Wed, 10 Mar 2021 07:47:12 GMT
server
nginx
x-timer
S1619867987.929124,VS0,VE3
etag
"13c5582cbf4e5575a54b52e4a6cfafa5"
x-served-by
cache-wdc5523-WDC, cache-dca12920-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
393a3afaf1752f2a3c96946fa663d6ba.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/393a3afaf1752f2a3c96946fa663d6ba.jpeg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5db293d683037bfdacab006bd2c9c1c80e854b99b8540a516d0dc35deda16f47

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish, 1.1 varnish
age
356011
edge-cache-tag
305206288698424253357549270349952098128,534554604223319601008643105194670925976,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_217%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/393a3afaf1752f2a3c96946fa663d6ba.jpeg
content-length
10594
x-request-id
498f84becc5921c47187d1da3cba47bc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 26 Apr 2021 14:34:59 GMT
server
nginx
x-timer
S1619867987.962500,VS0,VE1
etag
"b5864b75769da4d3bae537a8e44d7a61"
x-served-by
cache-wdc5520-WDC, cache-dca17754-DCA, cache-fra19147-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
/
crta.dailymail.co.uk/ 		8 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:288::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sat, 01 May 2021 11:19:49 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
YI05Tai0YTdwuhMqzashnwAABLsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BBE6 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YI05Tai0YTdwuhMqzashnwAABLsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame BBE6 		0
0
crum
dsum-sec.casalemedia.com/ Frame BBE6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 May 2021 11:19:47 GMT

Redirect headers

Date
Sat, 01 May 2021 11:21:26 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4fc5608d-394c-4f00-9cc6-c44e6fdb818a&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 01 May 2021 11:21:25 GMT
rum
dsum-sec.casalemedia.com/ Frame BBE6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4071877197420028967
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4071877197420028967
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 May 2021 11:19:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4071877197420028967
pragma
no-cache
date
Sat, 01 May 2021 11:19:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match
c1.adform.net/serving/cookie/ Frame BBE6 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cc
px.owneriq.net/eucm/p/ Frame BBE6 		0
0
ping_match.gif
pm.w55c.net/ Frame BBE6 		0
0
crum
dsum-sec.casalemedia.com/ Frame BBE6
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 01 May 2021 11:19:47 GMT

Redirect headers

date
Sat, 01 May 2021 11:19:47 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BBE6 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YI05Tai0YTdwuhMqzashnwAA%261211
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.dailymail.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:51 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1013
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 May 2021 11:36:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D6C9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 01 May 2021 09:29:22 GMT
expires
Sun, 01 May 2022 09:29:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6624
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/10507625/1618587453204/ Frame 9553 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618587453204/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c0306dccdca01e0d30f9d03e8edc86552b9b3c1b5f1f2d9b262fd9025cec637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10507625/1618587453204/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2155
date
Fri, 30 Apr 2021 13:40:34 GMT
expires
Sat, 01 May 2021 13:40:34 GMT
last-modified
Fri, 16 Apr 2021 15:37:33 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
77952
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 16B6 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqZEAPGvCj4IRF0fU01olyQk_DCs7YlroS_SPQ8edzPMHEtnlqhCMbo6fpFT1DfT3CnX6c9m5vo4PmuJOX-35bbc1h3DqSbXC-odqzm4TcLxNAIgovVaJzuYUvdmqetsbJy6MBvn1lTnq3C4IAdQ&sig=Cg0ArKJSzHo53igoaHfLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1479&cbvp=1&cstd=1465&cisv=r20210428.94169&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
480x270_MP4_732348450527923951.mp4
video.dailymail.co.uk/video/mol/2021/04/27/732348450527923951/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video.dailymail.co.uk/video/mol/2021/04/27/732348450527923951/480x270_MP4_732348450527923951.mp4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.dailymail.co.uk/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 01 May 2021 11:19:46 GMT
last-modified
Tue, 27 Apr 2021 17:10:00 GMT
server
AkamaiNetStorage
etag
"b5aa63434fa7e45b31468e067e2f60c0:1619543400.496321"
content-type
video/mp4
Content-Range
bytes 0-1787111/1787112
accept-ranges
bytes
Content-Length
1787112
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
13468
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1619867987.013429,VS0,VE0
date
Sat, 01 May 2021 11:19:47 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
16
x-cache-hits
13249
st
imprammp.taboola.com/ Frame 696C 		1 KB
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
89db1083db4741cbb8efac4796e50b7b8ff0f16c459fa9b8ce91089e6c8f3b41

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=b3dc73dd-82cc-4e44-a376-17276b5c591d-tuct786bed0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Sat, 01 May 2021 11:19:46 GMT
via
1.1 varnish
x-served-by
cache-hhn11572-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619867987.626862,VS0,VE221
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 1EAD 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
060b84c1bf53e12b7dbf7e3bc9a16f0b49b3f5f04f23780a68db74a5b9d0eb07

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=b3dc73dd-82cc-4e44-a376-17276b5c591d-tuct786bed0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

server
nginx
date
Sat, 01 May 2021 11:19:46 GMT
content-type
text/html;charset=ISO-8859-1
machineid
9404
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=420&height=236&pubid=169497&tagid=953497&crid=4706985&noaop=3&sortOrderType=0&cb=1619867986628&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1221&pt=1517974447&tz=120&viewable=true&ddast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1182345&dpubid=223815&abtst=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.dailymail.co.uk&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.1/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
521a55eda34d69a18f2450b0bcb0abd3b02ed8ece6cf788568ba5a8ce17ed267

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
gzip
access-control-allow-origin
https://www.dailymail.co.uk
machineid
1428
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19147-FRA
pragma
no-cache
server
nginx
x-timer
S1619867987.656710,VS0,VE51
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=31589837&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1619867970201.3809!ts:1619867986570&mntl=1
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:47 GMT
content-length
0
server
nginx
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=27fbb4d7-e69f-42dd-9a86-35b8153e5be6&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=27fbb4d7-e69f-42dd-9a86-35b8153e5be6&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:47 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=27fbb4d7-e69f-42dd-9a86-35b8153e5be6&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
pixel.advertising.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YI05YgAAlzj4vABg&_origin=0&gdpr=0&gdpr_consent=&_test=YI05YgAAlzj4vABg
0
0
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP255d5fba-aa6f-11eb-b769-06bc59bb0262
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyNTVkNWZiYS1hYTZmLTExZWItYjc2OS0wNmJjNTliYjAyNjI%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEHQ3GdW8qmI0dKx2EFXztGY&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHQ3GdW8qmI0dKx2EFXztGY&google_cver=1&apid=UP255d5fba-aa6f-11eb-b769-06bc59bb0262
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHQ3GdW8qmI0dKx2EFXztGY&google_cver=1&apid=UP255d5fba-aa6f-11eb-b769-06bc59bb0262
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:51 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHQ3GdW8qmI0dKx2EFXztGY&google_cver=1&apid=UP255d5fba-aa6f-11eb-b769-06bc59bb0262
date
Sat, 01 May 2021 11:19:51 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=dailymail_desktop_box_mpu_top_prebid&aid=47031069887385745714&rev=33ee230&bc=3.508&pr=un&brid=9105&bmid=3658&biid=4718&bcud=3508&sid=16687&ts=1619867973&caid=0&unid=0&domain=www.dailymail.co.uk&ref=https%253A%252F%252Fwww.dailymail.co.uk%252Fwires%252Freuters%252Farticle-9529785%252FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&rr=creative&fid=10&rb=0&g=0&cb=34676
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame FED1 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9477c7c5e3bde8486b460eae7c614096db478d2fe558511545769acf955b1883

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
clk
ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/ Frame 66C9 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/clk?imp=96f9f5e5-c14e-454d-9a9d-304d4f3b6c14&ag=mcjg006&sfe=12c4b945&sig=A8ZhScTmX8Sh4Krs_c4GoxyRYf4Z-gY1nqdsMEmTMts.&crid=sqh3smbl&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=zm4,jba,7sp,usw,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=&mste=dailymail.co.uk&mfld=4&mssi=None&mfsi=1n1l9xz7a8&sv=triplelift&uhow=157&agsa=&wp=3.508&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=376&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&npt=&svscid=3568&mdl=Chrome%20-%20Windows&adpt=tl_ltriplelift&ipl=hd_57447&ict=Unknown&said=47031069887385745714&auct=1&grdc=CAE.&r=;ord=856553;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/33ee2308e5593c82b3b680a193af51ef5c205529/dist/bundle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
4a8fb38a9ffd6c70859545fe16b4bde2e8ddbddaf37586f8727402d25a50fd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17696
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/697509/54255739/ Frame 66C9 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/697509/54255739/skeleton.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/33ee2308e5593c82b3b680a193af51ef5c205529/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0d39a4928cd2ceb6b231d1cd0a37543490bc01d1c0fa3dd5c39b830cdeac888e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
gzip
x-server-name
app30.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ca
choices.truste.com/ Frame 66C9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/33ee2308e5593c82b3b680a193af51ef5c205529/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cc12e20bb61f4ab29d21ebecb788801a53dc24a26436829643f4f185282c3330

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:46 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
yhCaVMTNFhDhNmpqvkWxKug7z6xYppnMd1W7u1oGS_vT-xvRDU8PEQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
triplelift
de1-bid.adsrvr.org/bid/feedback/ Frame 66C9 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/triplelift?t=1&iid=96f9f5e5-c14e-454d-9a9d-304d4f3b6c14&crid=sqh3smbl&wp=3.508&aid=1&wpc=USD&sfe=12c4b945&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=sr0jhd1&ag=mcjg006&adv=4mvj28f&sig=1ihm0ffzuiB4sYGk4qlXUtWHQEbwr1h3sD4lA29BTKYw.&bp=3.50800020678270651605&cf=2224661&fq=0&td_s=www.dailymail.co.uk&rcats=zm4,jba,7sp,usw,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=&mste=dailymail.co.uk&mfld=4&mssi=None&mfsi=1n1l9xz7a8&uhow=157&agsa=&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=376&did=&rcxt=Other&lat=50.880000&lon=4.500000&tmpc=&daid=&vp=0&osi=&osv=&mdl=Chrome%20-%20Windows&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&adpt=tl_ltriplelift&ipl=hd_57447&grdc=CAE.&vc=3&said=47031069887385745714&ict=Unknown&auct=1&im=1&mc=a0444ac9-2db2-47ff-86ff-2ee59c9815bb
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/33ee2308e5593c82b3b680a193af51ef5c205529/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:47 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=dailymail_desktop_box_mpu_top_prebid&aid=47031069887385745714&rev=33ee230&bc=3.508&pr=un&brid=9105&bmid=3658&biid=4718&bcud=3508&sid=16687&ts=1619867973&caid=0&unid=0&domain=www.dailymail.co.uk&ref=https%253A%252F%252Fwww.dailymail.co.uk%252Fwires%252Freuters%252Farticle-9529785%252FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%253F_hsmi%253D88974744%2526_hsenc%253Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&rr=creative&fid=10&rb=0&g=0&cb=78595
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D6D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIaq9RgRzb9md_lktJ4ZacxabJPdNNGUZ8qbw6J6FwTUDTWnoQ1BweuKXsPY6k7BICuK72VgfQX9kZ6U1V23b_MPwl6p3c7ZuAi0qx6tI&sig=Cg0ArKJSzM8wRa3wYgchEAE&id=lidar2&mcvt=1444&p=513,978,763,1278&mtos=1444,1444,1444,1444,1444&tos=1444,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1681197377&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1619867979606&dlt=0&rpt=6181&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=dailymail_desktop_box_mpu_top_prebid&aid=47031069887385745714&rev=33ee230&bc=3.508&pr=3.087&brid=9105&bmid=3658&biid=4718&bcud=3508&sid=16687&ts=1619867973&caid=0&unid=0&cepos=0&ceid=0&cb=34896
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 66C9 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 14:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74917
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 May 2021 14:31:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 66C9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/clk?imp=96f9f5e5-c14e-454d-9a9d-304d4f3b6c14&ag=mcjg006&sfe=12c4b945&sig=A8ZhScTmX8Sh4Krs_c4GoxyRYf4Z-gY1nqdsMEmTMts.&crid=sqh3smbl&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=zm4,jba,7sp,usw,5rf,7gr,3c6,2gy,hmy,y29,tmc,d3i&mcat=&mste=dailymail.co.uk&mfld=4&mssi=None&mfsi=1n1l9xz7a8&sv=triplelift&uhow=157&agsa=&wp=3.508&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=376&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&npt=&svscid=3568&mdl=Chrome%20-%20Windows&adpt=tl_ltriplelift&ipl=hd_57447&ict=Unknown&said=47031069887385745714&auct=1&grdc=CAE.&r=;ord=856553;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:18:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 66C9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 04:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22922
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 04:57:45 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 66C9 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/697509/54255739/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 16:37:27 GMT
content-encoding
gzip
age
931340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
AmazonS3
etag
W/"3bc122544b299af3472a4ba27ce7978f"
vary
Accept-Encoding
x-amz-version-id
YnDfosEmPFk1USroKyX80ierLiGWq8lS
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
Ct4rczc5d8_2yY4Iq6BeaTcBGzrtZaAcTtPMUneMt76GijDNRgGaCw==
bulk
trc.taboola.com/dailymail-row/log/3/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/dailymail-row/log/3/bulk?tvi2=2512&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210428-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
59
pragma
no-cache
date
Sat, 01 May 2021 11:19:48 GMT
via
1.1 varnish
server
nginx
x-timer
S1619867989.711000,VS0,VE59
x-served-by
cache-fra19165-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
skeleton.js
static.adsafeprotected.com/ Frame 16B6
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255735/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-c...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 17:26:20 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age
5075609
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
cE7IYQ7KP90ctEjT8W88Ws8aQFDyCTrlrklSff2GR9NIqBxNb106fw==

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:47 GMT
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 0203 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:58:11 GMT
content-encoding
gzip
age
141697
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
AmazonS3
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
vary
Accept-Encoding
x-amz-version-id
Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
XLh2chL2zzINGJMit2sIU0XBiKxTbG7F5rwx0hc5E0iwc4GXCE-F7Q==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFjHn,pingTime:-8,time:2707,type:l,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2707,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B83~100%5D,as:%5B83~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame 1727 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:54 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
createjs.min.js
code.createjs.com/1.0.0/ Frame 9553 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618587453204/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:47 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 01 May 2021 11:34:47 GMT
index.js
s0.2mdn.net/10507625/1618587453204/ Frame 9553 		106 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618587453204/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618587453204/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c41b3988953c9e13249914a65ff7b33409da5cb33f4af180f64384c9a4adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618587453204/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 13:40:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77953
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19717
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 15:37:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 01 May 2021 13:40:34 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 1EAD 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:48 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 1EAD 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:50 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 1EAD
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Sat, 01 May 2021 11:19:48 GMT
server
nginx
x-fastly-to-nlb-rtt
3911

Redirect headers

Date
Sat, 01 May 2021 11:19:48 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
104
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 1EAD 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.13.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
taboola-supply-partners.tremorhub.com/ Frame 696C 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:48 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame 696C 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:50 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 696C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
0
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sat, 01 May 2021 11:19:48 GMT
server
nginx
x-fastly-to-nlb-rtt
3911

Redirect headers

Date
Sat, 01 May 2021 11:19:48 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=1f4dd7f4-aa6f-11eb-b052-141484330306&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
22
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 696C 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.13.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-13-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFjKi,pingTime:0,time:2888,type:pf,im:%7BpBlk:2729%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:2704%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2888,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B264~100%5D,as:%5B264~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFjPj,pingTime:-2,time:3199,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:4018,bdZ:4312,beA:6104,beZ:6106,mfA:8714,cmA:8725,inA:8725,inZ:8732,prA:8732,prZ:8798,si:8809,poA:8813,bl:8834,poZ:8834,cmZ:8834,mfZ:8834,loA:8993,loZ:9008,ltA:9303,ltZ:9303%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:2704%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3199,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B576~100%5D,as:%5B576~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:%5Bgoogle_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/billboard_0,google_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/billboard_0__container__,billBoard,content,page-container,top%5D,sinceFw:490,readyFired:true%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0451 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 01 May 2021 09:29:22 GMT
expires
Sun, 01 May 2022 09:29:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6626
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
static.adsafeprotected.com/ Frame 66C9
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255739/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-c...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 17:26:20 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age
5075610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
vcEkWzsKnVGGa8vXr52-EMdNa9IvEZjFvWrXTrub3TNKWw3SBonnxw==

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
app29.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 7B08 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:58:11 GMT
content-encoding
gzip
age
141699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
AmazonS3
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
vary
Accept-Encoding
x-amz-version-id
Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
ZqnAb48zBEwYhiwoyQrgGGRz0QoLntv9BkU7NXXMnFwFWcJ9bNbCxQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 16B6 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvEB_OxtdAwM0WWM_FLA87pqI8ohuh2Z5TJSHX2c9jDLhKZYEbcL7qgpQguq-9P3EUZpMzo3Zk9laxuw27img&sig=Cg0ArKJSzFnGuaTIDQCtEAE&id=lidar2&mcvt=1207&p=0,0,250,970&mtos=1207,1207,1207,1207,1207&tos=1207,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=1&cr=0&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 16B6 		0
528 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqZEAPGvCj4IRF0fU01olyQk_DCs7YlroS_SPQ8edzPMHEtnlqhCMbo6fpFT1DfT3CnX6c9m5vo4PmuJOX-35bbc1h3DqSbXC-odqzm4TcLxNAIgovVaJzuYUvdmqetsbJy6MBvn1lTnq3C4IAdQ&sig=Cg0ArKJSzHo53igoaHfLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3425&vt=11&dtpt=1946&dett=3&cstd=1465&cisv=r20210428.94169&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66C9 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782032619693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35920
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:49 GMT
index.html
s0.2mdn.net/10507625/1618583823539/ Frame CB65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618583823539/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481fccb8c7af1757fd4746a1a7fd818c6a3a82e2f1048f31358d6e6339b2b156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10507625/1618583823539/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2368
date
Fri, 30 Apr 2021 18:57:06 GMT
expires
Sat, 01 May 2021 18:57:06 GMT
last-modified
Fri, 16 Apr 2021 14:37:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
58962
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 66C9 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvedKUkM-_6Vnc0Zs2GBMnPafkonVaM-R2Kw2lt4twzgKYT30mfsw9VeKr6FGYSKKraCS3IutrbbLw0vGVL9U8SfyTfFcjjLk1s2qSmdbr7qpXEzfEnbFRpDrOwRlZOqE6D8ROy9ZKmuV5cLvtk5w&sig=Cg0ArKJSzH0eYRjEwj9yEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=934&cbvp=1&cstd=932&cisv=r20210428.08289&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
pagead2.googlesyndication.com/bg/ Frame D6C9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 07:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
99251
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5617
x-xss-protection
0
expires
Sat, 30 Apr 2022 07:45:37 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=dailymail_desktop_box_mpu_top_prebid&aid=47031069887385745714&rev=33ee230&bc=3.508&pr=3.087&brid=9105&bmid=3658&biid=4718&bcud=3508&sid=16687&ts=1619867973&caid=0&unid=0&cepos=0&ceid=0&cb=13836
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame C569 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&hl=en&iu=%2F5765%2Fdm.chromelessvideo%2Fdm_dmros_ros%2Fpreroll&correlator=2853606315275484&cust_params=length%3D30%26videoWidth%3D401%26videoHeight%3D225%26play%3D1%26embed%3Dfalse%26ttid%3D732348450527923951%26domain%3Ddailymail%26flyaway%3Dfalse%26s%3Doff%26videoTitle%3DSwimming_pool_collapses_into_parking_lot_at_beachfront_condo%26video%3Dsurveillance_footage%26environment%3Dproduction%26pos%3Djw_preroll%26abv%3Dnext-release%2Fa174b6cfc%26mvt%3Dpermutive_on%2Cuniversalid_on%2CperfMon_on%2Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters%26adx_channel%3D16%26refreshCount%3D0%26player%3Djwplayer%26channel%3Dwires%26oov%3Dfalse%26sz%3D401x225&description_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-9517361%2FVideo-shows-moment-75-foot-long-pool-collapses-garage-beachfront-building-Brazil.html&url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&scor=4152581833409313&sz=401x225&vid=732348450527923951&vpa=auto&vpmute=1&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&mpt=videojs&mpv=4.12.15&sdki=44d&adk=3644757835&sdk_apis=2%2C8&sid=9E141413-B9AE-4AA3-A2BD-411EFBFFB3F9&eid=44739826%2C44740340&dt=1619867988649&cookie=ID%3D43e9124a7804dba6%3AT%3D1619867978%3AS%3DALNI_Mb7WQucHF4osum28v1ZJQltzZovjQ&ged=ve4_td17_tt3_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
8037a86a7e8f1da2c1e314d037a3af02b25696963aaa39f6b81c236d5f59ce09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3245
x-xss-protection
0
google-lineitem-id
5082125689
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138272434639
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFjX1,pingTime:-2,time:1132,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:32,bdZ:96,beA:705,beZ:707,mfA:1441,cmA:1442,inA:1442,inZ:1445,prA:1445,prZ:1462,si:1466,poA:1468,poZ:1474,cmZ:1474,mfZ:1474,loA:1760,loZ:1765,ltA:1837,ltZ:1837%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:760%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:760,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B395~0%5D,as:%5B395~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/mpu_top_0,google_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/mpu_top_0__container__,mpu_top,content,page-container,top%5D,sinceFw:370,readyFired:true%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt60.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 16B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIhhV9K5z8OKW4WnWdjW6yRpQvwtJzFrbupSN90YHlIxMvG1KWcNe_NhSXwmD3fQmtQPniiJX3Yb8LFmN_q5aRvgL6c3kBjiqWEISnSE_ZLUl8X5nG1ejT9mwhJ_MTIA0tidbLgoqiRQRSJhy4LHpM3-HbwQ9qojWhVIMWP_4mISczJjdtYJaUkEJolty5pBKXcsBQfj7sD2cxIlQI3NYfo5dwOYsTorqvpro0xPcPvu0OtjCDJy8GqX3dFV9-SbVZahuhthDLw4fGzDNfEKbWpaVkaXlme-2YzYZRqkggqxjr6QRJ6huQYO4Vb1UDgTJ8lAQHsTgWgonpaU1eX663zIBTSg&sig=Cg0ArKJSzD5vLeCG9vY8EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 01 May 2021 11:19:48 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame CB65 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618583823539/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:48 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 01 May 2021 11:34:48 GMT
index.js
s0.2mdn.net/10507625/1618583823539/ Frame CB65 		93 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618583823539/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618583823539/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ee11f8c5e5ef5a7f3d4bec479736b89b9470e77f0d281923bb67ba362f9577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618583823539/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58962
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 14:37:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 01 May 2021 18:57:06 GMT
V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
pagead2.googlesyndication.com/bg/ Frame 0451 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 07:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
99251
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5617
x-xss-protection
0
expires
Sat, 30 Apr 2022 07:45:37 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFk36,pingTime:-10,time:4054,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619867989058%7C%7C1357c98a004e0b28591df7ef47e04df8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C95b514308f778a233f6f980ddf9847c1%7C%7C36331223dae95031d769ac4a78fd7fb9%7C%7Cb9ef4dba1ec5d64cef392bdcee113304%7C%7Ceaa3830fbdc8bdcb1d986333a13e796b%7C%7Ca4408ec4733705522bac88f8dffbc32e%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:5799,ecd:27,tsecr:487%7D,pWait:81,pLoad:3747%7D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt61.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame A976 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuheaR8pxvTJKlvo77e7z2uiYfEMdX1AF4E-7-H1pvvyNv6b8bHkQciIl2Z7A75tNo0p3xKva3RWLcYZt7Th4rGhXqQgFjzUlrvHzo52_1yydOrhyz5nSZME8nvRyiT88rBNJnqFSQhOpg6oOHNQsQHKOWDlmIl2Wt9rGN50NS_p28C0fcEd-ueZ6AA1qIzD2g3-0jDgd9TSt58KO4lXJWDGn33VK14TjKt1hHe7BFbzGiO42TFevQAfXenVagCAGZkopvAxK5OX4ZX0r6htWylnHZdhTEjER0hUHImiGAj3bX1Hlgd6FXdV58J9bOwR-mrL6RC5LM30KrAmFxuPn7hplvimmI&sig=Cg0ArKJSzIZp9Dbh749SEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 01 May 2021 11:19:49 GMT
clk
ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547605;sz=300x600;click0=http://insight.adsrvr.org/track/ Frame A976 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547605;sz=300x600;click0=http://insight.adsrvr.org/track/clk?imp=7b9a10d3-8938-4b1a-a9a6-66b4b3c71095&ag=mcjg006&sfe=12c4b945&sig=oxb2oY98vOHtbt6_MJj2PJFG-Nw3vjqUVmydQxH1ze0.&crid=zxwafu67&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=y29&mcat=&mste=dailymail.co.uk&mfld=2&mssi=None&mfsi=kksan6tky7&sv=rubicon&uhow=157&agsa=&wp=A65E3CA90CF79E0C&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=8625&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&npt=&svscid=124374&mk=Google&mdl=Chrome%20-%20Windows&ipl=587784&ict=Unknown&said=769e3daf55ad563a965ede033b1887c800086e28&auct=1&grdc=CAEQARgBIAEoATABQAE.&r=;ord=599088;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
423bbc65ad9d29dbe980ebaee9f8fc188ff52d36ec83e2e361c252a3ec333a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17654
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame A976 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=7b9a10d3-8938-4b1a-a9a6-66b4b3c71095&crid=zxwafu67&wp=A65E3CA90CF79E0C&aid=1&wpc=USD&sfe=12c4b945&puid=&tdid=&pid=sr0jhd1&ag=mcjg006&adv=4mvj28f&sig=1UOKZ28tfLf9YLUK4_t-VK51xmz-rdWXYhGmNC3mK7po.&bp=3.50800020678270651605&cf=2224661&fq=0&td_s=www.dailymail.co.uk&rcats=y29&mcat=&mste=dailymail.co.uk&mfld=2&mssi=None&mfsi=kksan6tky7&uhow=157&agsa=&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=8625&did=&rcxt=Other&lat=50.884700&lon=4.504900&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&ipl=587784&grdc=CAEQARgBIAEoATABQAE.&vc=3&said=769e3daf55ad563a965ede033b1887c800086e28&ict=Unknown&auct=1&im=1&mc=a0444ac9-2db2-47ff-86ff-2ee59c9815bb
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:58 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
skeleton.js
pixel.adsafeprotected.com/rjss/st/697509/54255737/ Frame A976 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/697509/54255737/skeleton.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
256588948466e978e3e24939b7cdd4fd37a81a7abe954d4d74d64e447dd9afc4

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
content-encoding
gzip
x-server-name
app39.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ca
choices.truste.com/ Frame A976 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85d54a4894439469eeac485118e1933842ab63b2a1777501f5caa1b38a03022f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:55 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
8YnCejO7WOY6EZxhb1V9GM7Z6IJEP0yAK4fVza5co_GButh8EIRjzA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A976 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782032619693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35920
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:49 GMT
fc230b4b-d39c-4cf5-b497-c431807fe71d
beacon-ams3.rubiconproject.com/beacon/d/ Frame A976 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/fc230b4b-d39c-4cf5-b497-c431807fe71d?oo=0&accountId=8625&siteId=124374&zoneId=587784&sizeId=10&e=6A1E40E384DA563B1B1255BD5F3EEA997E327AF5D0C12635A985C3A9A0A1200EE5A5FF070D8B2CDBFAA9CC6740B3E5DCFE5D718BBE08EF1CC8FB48365F1FF5DBCE681E5B93F80092CC2A3B5CC6EC4AF62AF7D9FE341538449194CB1916632D7D3D7895A26FAEAEE1D296246D76B800DD0A4A7E2E9E0FB1CCF45EB418D95765E7F7DA9B22D3552AC3AFE359167DB529C3334AD916524D718654CD151E0F785554DD5A236E03DD61E3C320D6566336DD11FF252BDEAAAACB6201B161855D5543C4998234B169F0369220E623ADB533629FA77A9D5DAA83450F298C8F47AFCDE28A42F59F12DA235AB24D4080C30316013848BD09CAC4952BD4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:48 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pixel
protected-by.clarium.io/ Frame A976 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&v=5&s=bacb46d6d47505b58981f097949d62c05f5c33a1&sb=0&cb=8158381&h=www.dailymail.co.uk
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:49 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFk5r,pingTime:1,time:4199,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:2704%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4199,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1576~100%5D,as:%5B1576~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2.697509-54255739%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFk5s,pingTime:1,time:4200,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:2704%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4200,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1577~100%5D,as:%5B1577~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2.697509-54255739%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
_300x250.jpg
s0.2mdn.net/10507625/1618583823539/ Frame CB65 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10507625/1618583823539/_300x250.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2df87bed09669cf774e92facef9885402d620431463aa58fec771a2f2ab13f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618583823539/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 18:57:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 14:37:03 GMT
server
sffe
age
58962
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75557
x-xss-protection
0
expires
Sat, 01 May 2021 18:57:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 66C9 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvedKUkM-_6Vnc0Zs2GBMnPafkonVaM-R2Kw2lt4twzgKYT30mfsw9VeKr6FGYSKKraCS3IutrbbLw0vGVL9U8SfyTfFcjjLk1s2qSmdbr7qpXEzfEnbFRpDrOwRlZOqE6D8ROy9ZKmuV5cLvtk5w&sig=Cg0ArKJSzH0eYRjEwj9yEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1746&vt=11&dtpt=812&dett=3&cstd=932&cisv=r20210428.08289&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 3338 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyLtunVcNV56RB9CUfc6oDbzZAKIrDgnXzzESWmdHcM7awU9zKB4DAn0LvHjBKeZVMX6oVl7fpJ-tVh074O3k95HtGINX3FQQmr1ihOWgtEgJLRU6s1FVFWrWhENZp60q1oobHD025neVtWcWyd3EEp5HMMw1wNbgVICe0vsxDMtu5R7SV9qMPk9NKHEP6fgawl4u-_yauQoUZsi4Kqm2vDb178J9AKA71OomcdTtqKUURWoz6QX3YLXVzZk96eY9BZbkqkafN8_YdfTQZcuw37c22sT210izC0hCpVji7sGyuJZipAYK6sgFIJ4F58nLZC5Gil_v1uhxfKdhn2X1VOn8q2BQj&sig=Cg0ArKJSzDFB2iKlqD1NEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 01 May 2021 11:19:49 GMT
clk
ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547605;sz=300x600;click0=http://insight.adsrvr.org/track/ Frame 3338 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547605;sz=300x600;click0=http://insight.adsrvr.org/track/clk?imp=a8723320-ddcc-4a49-bafc-bffcc8f26f02&ag=mcjg006&sfe=12c4b945&sig=_QQmiV2Xyx_6EMvXvXsLqLUvcLEFp3qTyK-99Pm910E.&crid=zxwafu67&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=y29&mcat=&mste=dailymail.co.uk&mfld=2&mssi=None&mfsi=kksan6tky7&sv=rubicon&uhow=157&agsa=&wp=A65E3CA90CF79E0C&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=8625&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&npt=&svscid=124374&mk=Google&mdl=Chrome%20-%20Windows&ipl=587786&ict=Unknown&said=87ed6b41c947f0b3e0e22a2ba52f7a642e4ee173&auct=1&grdc=CAEQARgBIAEoATABQAE.&r=;ord=952038;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
bf22080af1dd5b7d5275ff3b9759a571e9a765d096201d937eab3380aac10de5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17727
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame 3338 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=a8723320-ddcc-4a49-bafc-bffcc8f26f02&crid=zxwafu67&wp=A65E3CA90CF79E0C&aid=1&wpc=USD&sfe=12c4b945&puid=&tdid=&pid=sr0jhd1&ag=mcjg006&adv=4mvj28f&sig=1xUyisb9mQhsDqQo22S0tJu7_YYEQ3fjbsbv0hpu5R6c.&bp=3.50800020678270651605&cf=2224661&fq=0&td_s=www.dailymail.co.uk&rcats=y29&mcat=&mste=dailymail.co.uk&mfld=2&mssi=None&mfsi=kksan6tky7&uhow=157&agsa=&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=8625&did=&rcxt=Other&lat=50.884700&lon=4.504900&tmpc=&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=OAFQAYABAIgBAQ..&dur=&durs=UJSBm-&crrelr=&ipl=587786&grdc=CAEQARgBIAEoATABQAE.&vc=3&said=87ed6b41c947f0b3e0e22a2ba52f7a642e4ee173&ict=Unknown&auct=1&im=1&mc=a0444ac9-2db2-47ff-86ff-2ee59c9815bb
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
skeleton.js
pixel.adsafeprotected.com/rjss/st/697509/54255737/ Frame 3338 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/697509/54255737/skeleton.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2ae4f287a8cc4e78d19785c862433cf8076b19a845b547827371df9db9f35749

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
content-encoding
gzip
x-server-name
app02.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ca
choices.truste.com/ Frame 3338 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85d54a4894439469eeac485118e1933842ab63b2a1777501f5caa1b38a03022f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:55 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
1lGmfJUrD89GH5CgscvsHuz_4nyL-qaAXMF2sRYuh63OyODh8ixi3A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3338 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782032619693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35920
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:49 GMT
f16e6872-2695-4811-b562-33dd34a2fe64
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3338 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/f16e6872-2695-4811-b562-33dd34a2fe64?oo=0&accountId=8625&siteId=124374&zoneId=587786&sizeId=10&e=6A1E40E384DA563BBB157116493923EAF599155E9C037307F1804415EDB27A14B60490CFF39D323B4EC280BA44DD839CFE5D718BBE08EF1CC4C69D39F83F9FE8CE681E5B93F80092CC2A3B5CC6EC4AF62AF7D9FE341538445B4D00B9C8C0FD55FBB172AB72A95A707C3C057A94247B1E493EF0E30C3484A3E99FA9CCE04FEDC31AF2496A0A551ECAAFE359167DB529C3334AD916524D718654CD151E0F785554DD5A236E03DD61E3C320D6566336DD11FF252BDEAAAACB6201B161855D5543C4998234B169F0369287395716B18884603B44F655FB85BAE2A0A61B75E5C75A30F8197CE8C7A10A423557121BB4CB90CB9A9596835F83A049
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:48 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pixel
protected-by.clarium.io/ Frame 3338 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&v=5&s=bacb46d6d47505b58981f097949d62c05f5c33a1&sb=0&cb=5083235&h=www.dailymail.co.uk
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.139.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:49 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
crta.dailymail.co.uk/ 		8 B
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:288::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:57 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sat, 01 May 2021 11:19:57 GMT
ca
choices.trustarc.com/ Frame 16B6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&w=970&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-7d49bc76-ce2a-4cf8-8bbd-de7ed2805343&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
8543a7318d934abb59e5167572998529ea2cc66f1335189aea7d8039f7c1b260

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2413
x-amz-cf-id
o1aGX3EuRfBM7XOKCYEQIHXvicpD5fj5UAKooW6-xZl6dIBz3QfRGA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 16B6 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&w=970&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
TMuai1_mxlPyoW4ooz-wiclm2AizN-Wn-ilUnC301AnQbxYpafALVw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 16B6 		43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&w=970&h=250&c=c8c4
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
yzihgZhT71d6DrgUNsvLtCAdEtq10LrMxokZBRvU8hm4z6WJh1lfzw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFkfw,pingTime:-10,time:2279,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1619867989058%7C%7C1357c98a004e0b28591df7ef47e04df8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C95b514308f778a233f6f980ddf9847c1%7C%7C36331223dae95031d769ac4a78fd7fb9%7C%7Cb9ef4dba1ec5d64cef392bdcee113304%7C%7Ceaa3830fbdc8bdcb1d986333a13e796b%7C%7Ca4408ec4733705522bac88f8dffbc32e%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bpci:%7Btdr:948%7D%7D,sca:%7Bspg:c10c72a7-e44e-d8af-4335-c404198b1ab4%7D%7D
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt47.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFkg4,pingTime:0,time:2313,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:760%7D,%7Bpiv:100,vs:i,r:,t:2312%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:2312,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:760,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1576~0,0~100%5D,as:%5B1576~300.250%5D%7D%7D,%7Bsl:i,t:2312,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1576~0,0~100%5D,as:%5B1576~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-server-name
dt42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 16B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvePgx8PLEKhaxTScwrMZTCJTIXsE0otgd_T1p1NjgeR0R2-Y97gki4X9gys3cqS90UWaJhLQKkN997iEcSsb4ktHyOYcvBd6DxPSn_OKo&sig=Cg0ArKJSzMYGgfexVtBYEAE&id=lidar2&mcvt=1075&p=197,315,447,1285&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2059569030&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619867978944&dlt=0&rpt=6982&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFkqm,time:2951,type:e,im:%7Bimprf:%7Bttecl:3226,ecd:14,tsecr:243%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:639,o:2312,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:760,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1576~0,1~100%5D,as:%5B1577~300.250%5D%7D%7D,%7Bsl:i,t:2312,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B637~100%5D,as:%5B637~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:240,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:50 GMT
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame A976 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 14:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74920
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 May 2021 14:31:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame A976 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:18:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A976 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 04:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22925
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 04:57:45 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame A976 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/697509/54255737/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 16:37:27 GMT
content-encoding
gzip
age
931347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
AmazonS3
etag
W/"3bc122544b299af3472a4ba27ce7978f"
vary
Accept-Encoding
x-amz-version-id
YnDfosEmPFk1USroKyX80ierLiGWq8lS
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
GVsYtIm6Edq7LNALUjoSCCJFuP6aWgYNwcCA-cE5D2MLXCygbuxTkA==
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 3338 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.dailymail.co.uk
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 14:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74920
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 May 2021 14:31:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 3338 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNDUxNDk5MjozMDB4NjAw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdORFV4TkRrNU1qb3pNREI0TmpBdyIsIndkIjp7Im8iOiI0MDQ1MTQ5OTIiLCJ3IjozMDAsImgiOjYwMH0sIndyIjoyfQ==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:18:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3338 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 04:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22925
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 04:57:45 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 3338 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/697509/54255737/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 16:37:27 GMT
content-encoding
gzip
age
931347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
AmazonS3
etag
W/"3bc122544b299af3472a4ba27ce7978f"
vary
Accept-Encoding
x-amz-version-id
YnDfosEmPFk1USroKyX80ierLiGWq8lS
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
qkJePHMqWnp8Gk0HToR2Rb7yFyTsBHmAfcUNQl9mlNkcRhyb_Dvolg==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFkyD,pingTime:1,time:3464,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:760%7D,%7Bpiv:100,vs:i,r:,t:2312%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1152,o:2312,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:760,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1576~0,1~100%5D,as:%5B1577~300.250%5D%7D%7D,%7Bsl:i,t:2312,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1150~100%5D,as:%5B1150~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:240,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:51 GMT
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFkyE,pingTime:1,time:3465,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:760%7D,%7Bpiv:100,vs:i,r:,t:2312%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1153,o:2312,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:760,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1576~0,1~100%5D,as:%5B1577~300.250%5D%7D%7D,%7Bsl:i,t:2312,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1152~100%5D,as:%5B1152~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:240,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:51 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ca
choices.trustarc.com/ Frame 66C9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9a9ebb4d-5096-4685-8879-08d2309b2fe2&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
bc1eee1350d1c547ca6ee337f6cdf21fcf6468d829dcb672c48580cbb6d1e2c7

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2479
x-amz-cf-id
gcK10fyo5yb211cydH45-asdU3CwtHkK6iJqounY0KH3hEfoCPNHhg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 66C9 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
_JNXKtMb3SypivA_cA2JF_wi2JzHlMGxs44Bo5bZG-SFGKsQvugA8A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 66C9 		43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=6314
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
ooO6TgQdRzDfVjqzlvdRZFyd2qoD1tViT025YnzgYYf4qNaGhCah4A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5374
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 May 2021 11:19:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Sat, 01 May 2021 11:19:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame 4DB0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8060095&crid=4706985&dast=V7Rg8CFgOWIxGXxRnL-QSWIxGXxRnL-QUAAAAGBuIHHDMbrpYzEonGmCxWo8lyuRzsNsPFcjYZzYbQMbPhajkjkWiMyWI1miyXw-FitNwNd5vhZDgFDmGZ_b6DgnJ6eswug6joelvsDqfZc5DMTW7oQ9Pp8Lnu9brf7y5yOM3Ot8Nptmv8dtXXr3taXp6_5OU6vSyfv8JyenrMLrdyNVnuhqu9gmZ6Wd5qh-frMrklrrvd6fK8JSyzz-mwuxWW09PzsLs1R6fN9HlrjH6P3-wwvdya5-Vp97k8d6HpbbYDAAAAwAPAkXQqxA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGQIHohQYABQfBueymfwAAPBSAAAAIYJAADKgdlQBIKCSeAAAAAAAAAACw_P___8cA6PH_ygBcyPX3ADz4ADwQFZwWMQIAAACQMpsgPJrUCZVFFQAAQboVwBUAQEDeyam2RRgAAADB2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxNimplJA2qDI1X7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLoBmixmBwAAAHD3____rwdCFuPM4lv4ZrbhZuMy-VaO1cw4cS1HE8fCsXJstscf5VqRRx520MchLLPfd1BQTk-P2WUQFV1vi93hNHsOkrnJfhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGY4IQMR5vJarRb7SbL4WQ0mm0mG6Ro1Wo22gyGq9lkttuthoPhcjRCitYsZpPJYjZa7jaD5WQ0GE6GQ4SZ2cTl27hcbuFsZXOLBpPNWuHbmNYy12bhm8wmu-XCsxa9PqbfcDZxeRxeFAzA24vgIp2IHE6z8-1wmt2Sv-8ilmhOFulEdtmXLMaZxbfwzWzDzcZl8q0cq5lx4lqOJo6FY-XY7Duzicu3cbncwtnK5hYNJpu1wrcxrWWuzcI3mU12y4VnLXp9TL_hbOLyOPyN2WI5nO2Wu-G-MVssh7Pdcjfcd-gM39XnbLRFu-eOS2rOLZdNmfmgcBks3o1qdRx_JgdptGx0qpy9ZVFn9Pv9fr_f7_f7_X6D1nMwGxS-5-EvnD6W53I4Gz0YFbFEcLpIJ6KX8XQRSyRPi3SiWcxWvsVgsJm4JouVaTMbLSaTxW7mW648HtfCZhFLlKaLdKLXPS0vz1_ycp1els9fYTk9PWaXW7maLHfD1V5hM70sb7XD83WZ3BLX3e50ed4Sl9nndNjdCsvp6XnY3Zqj02b6vDVGv8dvdphebs3z8rT7XJ670PQ2W9R_bMDJXDGYzBXLuWIzWSUAAAAAAAAAgCXMmTcBAAAAOA1kshkuVssFeDDa0_0RfWoO2a_pKW78uIEcTrPz7XCa3ZK_78oAD0Z3zJs9E8RarZY1AACAADYAAEAAt27eA9anlRw!&cmcv=&pix=undefined&cb=1619867986570&uv=2958&tms=1619867986570&abt=adh5c-1_vA!insc_vA!moatVimpOptimization_vB!spa2_vA!sre_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=36859FDDF1215429990738196246&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://imprammp.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 May 2021 11:19:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Sat, 01 May 2021 11:19:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
crta.dailymail.co.uk/ 		8 B
574 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:288::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:57 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sat, 01 May 2021 11:19:57 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 66C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudi_nXWNhVHfcTLw1BzWwt5Vo6stZaw4TykSWpwbE4c0Pv735RKk90BXGsiggcKGlRcMV3vsbjsAHxgFy-Ys0&sig=Cg0ArKJSzBfwri-evMPZEAE&id=lidar2&mcvt=1117&p=0,0,250,300&mtos=1117,1117,1117,1117,1117&tos=1117,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 07D9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 01 May 2021 09:29:22 GMT
expires
Sun, 01 May 2022 09:29:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6629
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/10507625/1618587959786/ Frame CFF8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618587959786/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e10b8022172af8e401d3912fe626d8f45e1d7ae3eabb61500fadb58fa98da964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10507625/1618587959786/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2367
date
Fri, 30 Apr 2021 17:33:40 GMT
expires
Sat, 01 May 2021 17:33:40 GMT
last-modified
Fri, 16 Apr 2021 15:45:59 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
63971
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A976 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssIBytrsnMwehtdvecoTwbGr1hqRwC6X1AkWiiWbwXNoIjEH1Q5BJwnkvcq6QaSQOASoEVa3R9eapizA0519GpfZBc03DjXVPpXkMzw35_j-7EfHeIqBvb4_5OQN4e3aWg&sig=Cg0ArKJSzFUf-caaN1fBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&cbvp=1&cstd=416&cisv=r20210428.17026&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E6AB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 01 May 2021 09:29:22 GMT
expires
Sun, 01 May 2022 09:29:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6629
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A976 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-cch__peLgVCKJeqxlMrJhrgoTBSH62mXjnuquVDxQfE5b-pbvT7IpMyUU5PxuYZedHWvrkd9RQ_BZaEcrAJbAoqBzHgPLW51804qcDER0UwweCpld8XAy_KMsVmVAGZ6H6Pi80SiiCNi3SSMx_3t-KSA_HUu2q1bMj-9fXUzZt4t3ZmjqPQ8P9k1xD4iTu47SU5vLrkRL0ndby8gqENt2gqrcJQhCY708yGD_SY4ddtSrklUk3oM-EdIQICDD8vI_O2CY4U0d5oZg1oQ9n5Jt3OV4WM6EpolrMEt257A6qthnr7WDFK_wpa7IwbNtakyx3srLuzR_dO9Kdcnydab9ZM1SUtTpQ&sig=Cg0ArKJSzKXW7YzO5japEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 01 May 2021 11:19:51 GMT
index.html
s0.2mdn.net/10507625/1618587295327/ Frame B31C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618587295327/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09cfa1d73642a98b3df37eea490ea9801e0f943d5f48fbcba0b4a274adfa0190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10507625/1618587295327/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2366
date
Fri, 30 Apr 2021 21:01:01 GMT
expires
Sat, 01 May 2021 21:01:01 GMT
last-modified
Fri, 16 Apr 2021 15:34:55 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
51530
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 3338 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLFPFmytFldzETGCtK7CxZDnz656yrmh2JwoJd3p_djbPBSR_UPAMQ0xOKdalwsUSYdS-4rJU6dXzq9KFh0O4noBsOBewsf8dfFIqIb9OJf4F6FAK0K6woJ4OPoKy6UPxI755uR4UrWla5zr9GFw&sig=Cg0ArKJSzHVQ0HSa4Me_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=527&cbvp=1&cstd=525&cisv=r20210428.71673&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 3338 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE0LWyEjrjBpCtUEYOSLbRJ7X_yTfLXZNihqMPMs1y1izn9t_aCMkqKsp6O1nSZtiiw5fSz5lb9A-lYNDr72ky32zfoz2G9uSRUM-vUet89Qe6cLFvG_NCIMBbl-rZCvVRwGECBDzy2FeDw-uCJS3nD8L2NoP6XY8TX3o9zVroganmnkITCJfiybNiq70A9f2n5aJTjsx4p8pyb12htqIpitvHAJZ033YxNUOfsZBLWWUQ2JLrwPupaCVRZgbmW3esVZpX4fDXsLUgUcGJimVnofG1k5SsjGUvvKJDg-Z7pOmK7yVkAzitYFqFDJSX27bbOoOJWtPae4R4CKI_lPTv32yrrmnWWMw&sig=Cg0ArKJSzG8RdaNv-fHCEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 01 May 2021 11:19:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0jDDTzmNYLnRBLCR7_UP07WM-A0AAAAAOAHgBAI&bg=!9_Sl9LDNAAZLnZBaS507ACkAdvg8WkJRaHl96iZJwTHUW4i-9rq2OaviaQ4jyXsU7Dag2TfjS7P-CAIAAAhzUgAAAa9oAQcKAU35wx1hmzgSwVnIqI3MeGitUW_i3yUuEv1V_QejiSLYMAxYArulqhG2tdDdoTa7AYG5t_VQAAwhBFT1mMz3kDkly44R1J76jO3bcVJK3pUkB8MTe8SjxmxOgtM-YeeqY1lGvjFLFhl837lc-YXXpe-21i3osZg7w9Jjtze4WDq6Jo2biBGBI1EtSkqrJZWqD7t4lYqM1itqqpVKyI5BB8tMca3nhCkum-IE7GYvjULrlCE35XsOOU2YDnhgy_aCynWVXlge5Wpwa5IEJZjHSclq-vFWUDgULNDrddlG_uLAmfhbp0EdyHexh0rmuQvMY40w_rCY6zQEq7XBzXvqBlSdH-GstpL7oMl-cLnfoTjcgAFLPyDcdCOIkAUd6RRz1UpShRgNV75a31fb5Z9dJOMhJ50-m-PSIGugMekSV9EsP39r8rpK8riqz6i3FGOZAk0aagR74XWw4suIxYa6VMzrJUEX4G4jURkc8zYSbYJSY3AJdJ9l1TAMWIHaRxNeztMIaDU25UBHBYILXCMYB5lHGaCvWXx53wGaCDmbBxjNMHH1yr_CWpTIuPLL5Ht-_eyc6OpqL1LwIksWjKL6kSHxqmzmLk9oMih9Zn7NFQGwzyENeGPSsiIpvEryOHKidIW4d7DQgGU_9o8g3gTZQpxdOq5U3sBzmh8xga7fQmHoVDK4ifSNSMgX-DcBMOUVkF9k41uggGV32xeDbzaTLgRMPrfzO5uA3GGgfR3xXBGHppVeZ_jaSFOcaOc2U2c_Oce6vCCitoAL3VWgztSfoPLZTBe6YhrrApqz1yH8lI_O06jjcW5VPo2H39nNBOJmhvXJOIb7L9ULaddEC_CiMPaFbacJH2DMxIwLnb9K1j4UzTl_78XfrPUXdf7Ivb_jl_xWqvS7vH6-QX7zfdOaT_6fVsHSIZ3GoMYe_AasqfGCfarZ3LdiHWQ38DG5PCntUl8tuaVWWCJ_9R-OeP42TmSEa26UMizVxQqYS1YSRJz5gToz8_PTPExVqJtTDiJDrGHsjCGT_VGSdQV9x-kYwanNSw0rcPC1f0M1MoQuDCIsvoE3b1DBXLtg7fMpvFZEDzAU7obx5ioNXrp_qVLKnq30kRwaHVRLnf3qdR-RoHLEK38W8TckTO0zfrHEcGHb35EJaavc2hX1U_zBQNwW3siSAKZrnFQAcO3w1hO49CZJt-mSpENZ9-deegW2Vk6_4ZLwVd15QVDQ7lNo8XIT
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame CFF8 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618587959786/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:51 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 01 May 2021 11:34:51 GMT
index.js
s0.2mdn.net/10507625/1618587959786/ Frame CFF8 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618587959786/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618587959786/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa311626bcbad0472a847cbf26d5f3e661504a0d3c0650ba6ae9391e63fd2f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618587959786/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 17:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62954
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16043
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 15:45:59 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 01 May 2021 17:50:37 GMT
usync.js
eus.rubiconproject.com/ Frame 5374 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24962
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sat, 01 May 2021 18:15:53 GMT
usync.js
eus.rubiconproject.com/ Frame 4DB0 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24962
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sat, 01 May 2021 18:15:53 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame B31C 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618587295327/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:51 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 01 May 2021 11:34:51 GMT
index.js
s0.2mdn.net/10507625/1618587295327/ Frame B31C 		85 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618587295327/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618587295327/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7539ba572c3c474cd8e551c4d790eccc25d2d1a6dcab7fc51143ea00c0a710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618587295327/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 21:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51530
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16022
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 15:34:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 01 May 2021 21:01:01 GMT
V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
pagead2.googlesyndication.com/bg/ Frame 07D9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 07:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
99254
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5617
x-xss-protection
0
expires
Sat, 30 Apr 2022 07:45:37 GMT
_300x600.jpg
s0.2mdn.net/10507625/1618587959786/ Frame CFF8 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10507625/1618587959786/_300x600.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9752950eb7827c079b475d94b918caecce5c4bbedd4569100a8cb25f08cb5ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618587959786/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 17:50:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 15:45:59 GMT
server
sffe
age
62952
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37803
x-xss-protection
0
expires
Sat, 01 May 2021 17:50:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A976 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssIBytrsnMwehtdvecoTwbGr1hqRwC6X1AkWiiWbwXNoIjEH1Q5BJwnkvcq6QaSQOASoEVa3R9eapizA0519GpfZBc03DjXVPpXkMzw35_j-7EfHeIqBvb4_5OQN4e3aWg&sig=Cg0ArKJSzFUf-caaN1fBEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1048&vt=11&dtpt=629&dett=3&cstd=416&cisv=r20210428.17026&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0451 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7v29UjmNYN2nN-yLjuwPiN6wwAIAAAAAOAHgBAI&bg=!KyilKGzNAAZLnZBaS507ACkAdvg8WtlZ-LhO-mtxlVfh0v0ipXayDgjOl3deQbbAuv-C9kTVeD4sfgIAAAbaUgAAAGRoAQcKAPuKN7HWCtecZNSvCKZvydKSl4wCfWyvKNKWKc2ThritWjzKabqCHqB9KtA7AXVohDUw9f1WT11KMY-fc8_AtGBSdAX6Voc46vdZbvkwi86K01nfWTwodF8-fk-9N5PwOVcQxkeunXsSGD-7bUE_rJ_fAxrgEJEf-yV8kufxeQWs6G-tkmv37foQGErSvdLEWr4YebZarLunRVoUHqrFNbqoTHXWhd9ZT1gaoAGFEqajoGenrc3hYFIe-Gm43RSTq1JiyP1hg07MGO8ZT7CvqCQzrAOf5q4M-DCov77oTPhEE_krOkW8Vq4r3F9iSizsGOg7CI--4Yx9JexNsZkCaUR6Be-hwgrVDZLjaS0c-GlI3Q9WcauXHthaYcWwUsTHvwGIk7z0XmBz09KWOacHGXg0v3gr2SkJu4rgyQctGyKr-UmEnlO-_lb_mvCTrzTYiAfzpikrz7S-1f7Q62eZOqpMzCcmmFXzq7FW5lMA_s5G7NVFdWRgcpMesPrYHF6HXXZVqOkdMgy-a2HktVEuMxpLm7OP3b73o9ujt-y3q6EQkZotOIuv1R4b9G2pvNo04c7Bsc2E0UWJy_H3-YWPQWa4PJ6WXdPZ8sW0jnwePIdKafEOaDLoUfrEglpeAzmosQ6c4KouiG3G1FlhrwwtlZ_zcPboxIkmIn_ZKxmI6VZc2H8WKvznIe1O1cgTuIrMRyk36V-6JcfbsdcrCFG5xS7DcopaWkZy-RpyOMFfU8TlfLMQx4jPhumXobkfWCzcdvv0uvHKxxCdbJqw6sUcVPhRduOZklaBr-d5Y6qyZm_JxR_4W7RFpanlvWnCFUY64Vj1It-0lZ6NFuK620olZMRrnOKrSzqzdpdtmeGHRkKg0qAIXZKV0uKgvXJrxS7ZJrugkmXBuSkAakxehDmh2-ruRqbahXe_GX8ii_P4njOH1CkpxDbfeh7OL29ZySO5x258NY4u9D7nFGoIUKOCVhkyfsWdJTyGTQg28a_NyN-du-N3lQD3hTImkRtt6ZtcASN2_MH7dpQh1_GCm5QZu9sGs57yry4nkKka2p1uMQ0j4WoSF7pUXbprgENOOZrjR_gYvlTzjTFxl9LzYVCkyBqWPSLhatUlYGHdesyul9A92sBGY3k25ZY6WfnU6KLXs793tsE3ggw0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5374 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
pagead2.googlesyndication.com/bg/ Frame E6AB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 07:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
99254
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5617
x-xss-protection
0
expires
Sat, 30 Apr 2022 07:45:37 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4DB0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
_300x600.jpg
s0.2mdn.net/10507625/1618587295327/ Frame B31C 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10507625/1618587295327/_300x600.jpg
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17a993dea2476340f54b9c325183cbb3e205cfb599579820da8c1370d214ae09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618587295327/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 21:01:02 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 15:34:55 GMT
server
sffe
age
51530
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74890
x-xss-protection
0
expires
Sat, 01 May 2021 21:01:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3338 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLFPFmytFldzETGCtK7CxZDnz656yrmh2JwoJd3p_djbPBSR_UPAMQ0xOKdalwsUSYdS-4rJU6dXzq9KFh0O4noBsOBewsf8dfFIqIb9OJf4F6FAK0K6woJ4OPoKy6UPxI755uR4UrWla5zr9GFw&sig=Cg0ArKJSzHVQ0HSa4Me_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1116&vt=11&dtpt=589&dett=3&cstd=525&cisv=r20210428.71673&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
_300x600_02.png
s0.2mdn.net/10507625/1618587959786/ Frame CFF8 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10507625/1618587959786/_300x600_02.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f069d1fb3fa6263a6def2576d4fed2f8f161a21477390f03501578499dc84c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618587959786/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 17:50:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 15:45:59 GMT
server
sffe
age
62953
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45908
x-xss-protection
0
expires
Sat, 01 May 2021 17:50:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A976 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAUuKUuPFtG5sdkikOEdr3Uh936NBOA6zuiVpTEd9I2Qm3vuMxO5prNbDB_hGIBGYCzEFjpL6AIw&sig=Cg0ArKJSzOBhfD2-lv8_EAE&id=lidar2&mcvt=1081&p=0,0,600,300&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A976 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAcoBkXKWv2xUoSAxPr7Q7akP17t0vc-YofaLX7cftAd9xgwaqve56T5Chp5tctENjiXL_wxNp6P2W4EJZrIqx7LjKA99cvEzAmjU6shI&sig=Cg0ArKJSzEQczYrUnpI5EAE&id=lidar2&mcvt=1082&p=20,3,620,303&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2894056308&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619867985666&dlt=0&rpt=5836&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8796417
ads.stickyadstv.com/vast/vpaid-adapter/ Frame C569 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/8796417?_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d009655670a3a5788c8722fa9896d54ace8b48c4319f33d60fcfba1e80b7c885

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1058
x-sticky-vk
1619867992818047-334
Expires
Sat, 01 May 2021 11:19:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3338 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXGHoGJ82IKK-AA_Mr7xK3fHMZlmJjY-rZgfP4cOMId-Il7VJHMS8EE4GMD9N3jEPUSOxLofidOrNRYSV6_oLR4UgxfYiiikwFpGjkezo&sig=Cg0ArKJSzGHgalS4O3uDEAE&id=lidar2&mcvt=1079&p=20,1297,620,1597&mtos=1079,1079,1079,1079,1079&tos=1079,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1812723490&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619867985858&dlt=0&rpt=5783&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3338 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXhErAjMM8NKC49e6aq_EkeGRXtMhUFczZG__UJwGcQvgRSZ6IX6Cjj_hu7S2-J8bFoSzt5sApyO3lqtOsiiU&sig=Cg0ArKJSzJrmBXQrFgFuEAE&id=lidar2&mcvt=1092&p=0,0,600,300&mtos=1092,1092,1092,1092,1092&tos=1092,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFl3k,pingTime:5,time:7912,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:2704%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7912,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5288~100%5D,as:%5B5288~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:677,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2.697509-54255739%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:52 GMT
x-server-name
dt48.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
moatvideo.js
z.moatads.com/mailonlinejsvideo243552997523/ 		305 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/mailonlinejsvideo243552997523/moatvideo.js
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5268b13e4083e880105c48eb2350799a7a73ccd3653d458d9e4296a7e8b59c06

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:54 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 15:22:10 GMT
server
AmazonS3
x-amz-request-id
WDA3NBKVKY9NKX1E
etag
"1051cbd5c20edad7b3a7850582d9e21a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28987
accept-ranges
bytes
content-length
104594
x-amz-id-2
7J8gmE9L9qXdPpTrJ+s5yRcT1lwlk0soWst4PETcV9j0FTBfl2nK6XhJ+Qu/LQsL+nSoQQOv2xM=
csi
csi.gstatic.com/ Frame C569 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ko5nkqzy&c=3867875171970&slotId=1933937585985&qqid=CPX9_8GuqPACFZrnuwgdiSIMMA&gqid=WDmNYJnHArnH7_UPr7mi4AU&fb=ima-html5&sdkv=h.3.453.0&ppt=videojs&ppv=4.12.15&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44739826%2C44740340&vmfc=2&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C569 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bbae0WDmNYPXxA5rP7_UPicWwgAPUjKTARQAAABABIMiWlhw4AFjP07eNgwRgufjHgNwBsgETd3d3LmRhaWx5bWFpbC5jby51a7oBCzQwMXgyMjVfeG1syAEF2gH_AWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay93aXJlcy9yZXV0ZXJzL2FydGljbGUtOTUyOTc4NS9BZnRlci1tYXNrZWQtYnVubmllcy1CZWxnaWFuLWFydGlzYW4tc2hpZnRzLWNob2NvbGF0ZS1zeXJpbmdlcy5odG1sP19oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LS1Vd19RNW9yWWphc1VOUzNLckdFZjZpS2JwSll2Q3NfQlRXX1dXdG1pSlBYV19lUTlOMXI5S2NfdmNhOGVBS0pvSXlqMGNsbldmSkc5UzB2Y1loRWlnMlZZUmI4ZHZneDlyaZgClQOpAhYDR1uvLLc-wAIC4AIA6gItLzU3NjUvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2Rtcm9zX3Jvcy9wcmVyb2xs-ALw0R6QA8gGmAOMBqgDAeAEAdIFBhD5qqz3EpAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHH9IICQiA4YBQEAEYHdgIAoAKBZgLAYAMAQ&sigh=z2p8VmdS298&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.453.0&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C569 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7-sE-euqKgByA7yq7Vc8nCG0LdaGCjTVzaq4acqjmXfLWmNrF55L9ttTW2uBVIM8VQFmtjW1jADkM4FGSI-Bsw-KFzDyyk1Tar2oTVxf5WLEQdx50Af6m6hcMEAUApZQFKMpVMHQ2kDwBBM5AbMFSSllagoVEunNODRX1GOAQRsmESz8rUN1ZtiSKnUEwTzbJv5wEzFriqu9zX2-NmyYsQpX-Vgbvy5nlCMZelESXqMslUP7LCSsb4mlgjNwyTgc7EQpIddGg9wB84ra6zbVR54SPASCCiWAlGwvRA0dv3B2vw-kdNpt5W2nLRmSbmCuAOSqz3eKWPNHh26GSjOMzb9M&sai=AMfl-YS6E6FT_16G-1nmZhy_A8zppfJc0gg9715xl4UgrPoOcNZrpplxavO8c3tDK6aS6ubxYdcyXuR5auOZUXo91fO3sK6vQnLUCNaqlK7wqmGaOdLF2nMz5lIC3BdU6u8&sig=Cg0ArKJSzP9tEjJmNJn5EAE&sdkv=h.3.453.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUwODIxMjU2ODkyDDEzODI3MjQzNDYzOUC5HQpmCAESE2Fkcy5zdGlja3lhZHN0di5jb20aC3N0aWNreUFEU3R2IAIqDXZwYWlkLWFkYXB0ZXIyDXZwYWlkLWFkYXB0ZXJA0gNSHSUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 5C5B 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 20:57:11 GMT
server
sffe
age
346
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18070
x-xss-protection
0
expires
Sat, 01 May 2021 11:29:07 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 5C5B 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619867994.dop123.fr8.t,1619867994.cds230.fr8.shn,1619867994.cds230.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3-QvVjmNYPbsIuXD7_UPqrq8yA4AAAAAOAHgBAI&bg=!ycqlyo7NAAZLnZBaS507ACkAdvg8Wi1sEYOxjJ4zp3j9aOS4pL8US3emIHp1bZEgfKOYaqcuBBDOGAIAAAd3UgAAAHFoAQcKAUN52NEpW18VT5FZig_OoubVbpC2C56jCT4F1M9cXb_yImYA6jDyLReW3l8225EFdmFDfZZxB29hGg7JtjkPSExvV7Ypq81RKTVJVA7IgZ3EwCuhM77HOmwRKpV6pWb6k6JjpW3Ae9_kXod9gEgZSSNcHCmeW4sAgHJXb2gzvy-FebFX-HcjFUqTC_HyzqqT78gJCTaF_t0JEuBxMe4k-mzb9Y3DQQGOiayOwYCuHl4yGhqXnr85ciN_554llkN4j-d4ew64qzlgubM0xGnsg4cdOOuRYzBNlkknH0wOj5-gE_6rBU2ysogv77ST54zRZfSvgIoAh8vVS4wmv1C3LSZSTfzbEQ88u06H5OmERuu1UstR1_wc0N0s5HyboPqCtWrrnk8oIGA4t1n3HgRvcIp2fbFrTicAHsBBXAasPSHlJhvQ7ZkCVtTAqIHPP6vk-UEM8bYywUwQwNlt7nrEsgZYlClp2MyTRrfzGJM1dgm4NAI2r9sktKXUwGVTuypx4a0nPbDLZkMa5lpVLPQCg6Q0F-19PK8Vg0A9hA1HVkgjO-60CZaC4sQl4H5ZqErsZgrBg4aR6s4IW41IPe0Q3OUgaQv4JsYJdzjwSv1uqovOhFN3cO7_jcJhouhLPwYw2YeWC6TltkbY8OCgJPl1Frud1ds7Ary4v0y2C8JvFLfBIollEW8SUfbw-icIhadtoF1EKugC9rV1cIoGAyRvmjQzvBJ2cLvAFFOOj6F9MpaIUTCS_xtj55zGaI3YXxLn-1N3wTgtGAXtXzPfP-i1AZd3oAugKIRiXg1vFMGfsECVw_eQJJl0otR3hE1Si9-pFhYnLSzDtU_dFUwfntvuRWG993Fx3PXP3-OlIn0tddjgPIU5VYz9eLTQOaDzb-Mn4JNdY1-gOUWlnkg6zlUYeilr_k2MVNudS0BGjqn29cvEdt6cou_tdPwzrfcnOuWN5GgaJWbyimhhQuJV-b34Jll2pLaz4sQGWR9ILQHeOHP7c8nNCMe05NohBwab8JmQiStJehie0-1apRKc8DmWX9a22Y3kcE2ZxsHu57FG44YRa3mBodLfj4GTPZq1PvxH2rl0rXq877taqugLbtZbc_9Xp98mQ1e0i0J_nl40CkiDvapAZuVJ6hLRp_gvxiMctq6tBgZ8g-6o8tAAgos3820f5wTMyaCyWTLhkZrqhAnpdMvSFv0tEFnvGL9kGrqe4WuvIfklKwRsmLEshNY
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6AB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjSdgVjmNYIbzIsyjgAe506mQBQAAAAA4AeAEAg&bg=!29il2JzNAAZLnZBaS507ACkAdvg8WupOfBRHUnFqWoEiARp2MYHLGXy4WJjczGj3sSWtqLNvmzuEQAIAAAgAUgAAALloAQcKAKfja3tdCwfygbNWzzGKTuOoHdfSITnan_DAtF8ecDLPR7Ejo36hRO2wVEPd-QSiFcJc3zbqWqDTgTt98PSFs4tnzhT5pknB5vcYPQei5B2SNNFbIx7RG2yackFcDShtwDkJQWmd9Y6u9MFfvs52um4O01cw8YvZXrZLQwXc1RUAhbfVQRmGdJboiQ782qm2otBXKehXRbWCOU_1oO7tFhrRpFZEfLd8uZkCRJM-fyIACKpd0I1Q9vojzlRhrXOrgvXiUoR1Fwhx8rh-GskFK2mwU9bcjPtOzyD38sQrqPdSmVpwmVb6_Uf-i4Py6OqbN0NErfXZLTBHSTgENdEyiSWmWA-qK-shSuJTEFbLMPfbTQ9MlLaaqvZwggwe3dyzoMbLlfJiZiHGeEHLzgbzlScuhpHmG4yRTrlSOtdMFp6O7LH9D88HEyPaojLkq3KuYgZYlQVGLQ2nTNFoGiFtKrDaRGgL9WyGGxzVFso4e2gIpdS22ydOK0DG39c9To5ne88-8hLaff3BTLePBzGgxP15DfJMNhwPRg-v87vw1slVPaY_P-VcsDgCibmzpi1pHQJ-HqzGOWzh-nIrpeTYwdeQGbKZtu1fvk5hkH9PlxLy1BvWGboI_bhvgu0xwv0YthN5iHbKzhACbmpCDRhwVDZpyMkZ57Zaq2Z6vBDdBUAL1hrAy35HcoSbD9TV4c_P0FxdpP0Oe4if9ue8hCyDxLHd-9KfbQbW23_qqwPjZf6rIeBiPloL49PtQhOMKMkOFaVduQfsG8ZGjIIO1LhFAfYym6IWrQoMQur6P_9VK03QK565vOgGBRZWf7wIaOA50kutCkQRAbUEGpil8KOKKPZlx-M3E84PGtfTI5zCsgzwiPyZffqR1FVsGL7wOPBrzRfGYtj_MjEKTnBWTiLLXkD_rqFK0S2th7CxfHD3IV4H13QfW8irS9EaekfgBg8829IBWuvJSoN3td_7IBz52RTFgWoFzZxLQj9vSMo4WNI
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=e70309e0-8a7e-49c2-a4ea-5541c650451a&tv=%7Bc:bmFlyR,pingTime:5,time:7322,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:760%7D,%7Bpiv:100,vs:i,r:,t:2312%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5011,o:2312,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:760,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1576~0,1~100%5D,as:%5B1577~300.250%5D%7D%7D,%7Bsl:i,t:2312,wc:0.0.1600.1200,ac:978.513.300.250,am:i,cc:978.513.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5009~100%5D,as:%5B5009~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:648,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C1a1%7C1a2*.697509-54255739%7C1a21%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p,idMap:1a2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:56 GMT
x-server-name
dt44.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
get
choices.trustarc.com/ Frame 16B6 		0
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 5C5B 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1619867995030
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:55 GMT
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619867995.dop133.fr8.t,1619867995.cds211.fr8.shn,1619867995.cds211.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
ping_match.gif
pm.w55c.net/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=346f2ce5716e8691c2f444fe9f452e3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g012_6957280066657596187
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzQ2ZjJjZTU3MTZlODY5MWMyZjQ0NGZlOWY0NTJlMw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEF6l4Gw9bqkytejGEgzPHp8&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=cb0ca920-be8d-4fda-a8b2-10d2cf45a776
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5021937871024251783
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/346f2ce5716e8691c2f444fe9f452e3&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-016qrjFE2oOFll0zSfaK04ixtkw0l7tePPKzkqnR~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5f53608d-395c-4500-9349-6a37a92431a1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=7470794973695831336
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 5C5B 		301 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=8796417&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:55 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1619867994945098-396
Expires
Sat, 01 May 2021 11:19:55 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 5C5B 		67 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8796417&_fw_gdpr=1&_fw_gdpr_consent=&vav=cba5c9a96791871bc2eb34f44e4c242d&vaviv=3a5c284250ba5c8972818bcec9ed90dc&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&playerSize=445x250&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:55 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1619867995165014-422
Expires
Sat, 01 May 2021 11:19:55 GMT
skeleton.js
static.adsafeprotected.com/ Frame A976
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255737/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-c...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 17:26:20 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age
5075617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
tRvVs-LpWEKbA5C-2ixrdaHb96ZxppbN6ppwx5fZOEHVazVRI7a93Q==

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:56 GMT
x-server-name
app25.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 967A 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:58:11 GMT
content-encoding
gzip
age
141706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
AmazonS3
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
vary
Accept-Encoding
x-amz-version-id
Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
qwAMRmtZ7F5WxHNaYt1KnPwxLKe2SB7Du7RK2P4gdyTALKS9wPUs_Q==
skeleton.js
static.adsafeprotected.com/ Frame 3338
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255737/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-c...
  • https://static.adsafeprotected.com/skeleton.js
17 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 17:26:20 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age
5075617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WBLa-ppT88KKvh2vbPcdxfxtbE_lE_beuqKfVCe64wvg7dx2JA9zsg==

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:56 GMT
x-server-name
app30.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame D7FA 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:58:11 GMT
content-encoding
gzip
age
141706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
AmazonS3
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
vary
Accept-Encoding
x-amz-version-id
Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
ArlYopg8R12dH-VPddhGMNfu8y-97V0vOoNvgmywR2LgL3-hizah1A==
get
choices.trustarc.com/ Frame 2DC9 		287 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_o0fxk9d7&w=970&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Apr 2021 21:17:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1519320
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
287
x-amz-cf-id
kLbfaOY6iM46-qQGsC3PJSW4MJaGjmIiWfgsFh_zv7xSAj7wn_fCmg==
expires
Thu, 13 May 2021 21:17:55 GMT
get
choices.trustarc.com/ Frame 2DC9 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 21:15:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1778641
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
739
x-amz-cf-id
zsJ5UxNLoEULiddara4oSi3W0MvpSbR8BTMkMbB5bcAsuusgdre2YQ==
expires
Mon, 10 May 2021 21:15:55 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzQ2ZjJjZTU3MTZlODY5MWMyZjQ0NGZlOWY0NTJlMw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzQ2ZjJjZTU3MTZlODY5MWMyZjQ0NGZlOWY0NTJlMw==&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:56 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzQ2ZjJjZTU3MTZlODY5MWMyZjQ0NGZlOWY0NTJlMw==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619867996763051-348
Expires
Sat, 01 May 2021 11:19:56 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=346f2ce5716e8691c2f444fe9f452e3&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=346f2ce5716e8691c2f444fe9f452e3&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:57 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:57 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=346f2ce5716e8691c2f444fe9f452e3&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619867996965022-368
Expires
Sat, 01 May 2021 11:19:57 GMT
get
choices.trustarc.com/ Frame 66C9 		0
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=21fe866f-b41f-0d2a-f0c6-94cb26e2c055&tv=%7Bc:bmFlLa,pingTime:-2,time:4806,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:3574,bdZ:3626,beA:5227,beZ:5229,mfA:9618,cmA:9618,inA:9618,inZ:9621,prA:9621,prZ:9660,si:9688,poA:9689,poZ:9711,cmZ:9711,mfZ:9711,loA:9916,loZ:9923,ltA:10032,ltZ:10032%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4437%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:4806,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4437,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B414~0%5D,as:%5B414~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l*.697509-54255737%7C1l1%7C1l2%7C1m.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p%7C1q,idMap:1l*,rmeas:1,rend:0,renddet:na,slid:%5Bgoogle_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/sky_left_top_0,google_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/sky_left_top_0__container__,sky-left,js-sky-left,top%5D,sinceFw:343,readyFired:true%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:57 GMT
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=9dbd8fe8-624e-3760-449a-896d372383a9&tv=%7Bc:bmFlLr,pingTime:-2,time:4727,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:3618,bdZ:3669,beA:5091,beZ:5093,mfA:9483,cmA:9483,inA:9483,inZ:9494,prA:9494,prZ:9507,si:9512,poA:9512,poZ:9536,cmZ:9536,mfZ:9536,loA:9732,loZ:9733,ltA:9818,ltZ:9818%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4420%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:4728,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4420,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B335~0%5D,as:%5B335~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l.697509-54255737%7C1l1%7C1l2%7C1l3%7C1m*.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p%7C1q,idMap:1m*,rmeas:1,rend:0,renddet:na,slid:%5Bgoogle_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/sky_right_top_0,google_ads_iframe_/5765/dailymail.uk/dm_dmwires_reutersart/sky_right_top_0__container__,sky-right,js-sky-right,top%5D,sinceFw:306,readyFired:true%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:57 GMT
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C569 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bbae0WDmNYPXxA5rP7_UPicWwgAPUjKTARQAAABABIMiWlhw4AFjP07eNgwRgufjHgNwBsgETd3d3LmRhaWx5bWFpbC5jby51a7oBCzQwMXgyMjVfeG1syAEF2gH_AWh0dHBzOi8vd3d3LmRhaWx5bWFpbC5jby51ay93aXJlcy9yZXV0ZXJzL2FydGljbGUtOTUyOTc4NS9BZnRlci1tYXNrZWQtYnVubmllcy1CZWxnaWFuLWFydGlzYW4tc2hpZnRzLWNob2NvbGF0ZS1zeXJpbmdlcy5odG1sP19oc21pPTg4OTc0NzQ0Jl9oc2VuYz1wMkFOcXR6LS1Vd19RNW9yWWphc1VOUzNLckdFZjZpS2JwSll2Q3NfQlRXX1dXdG1pSlBYV19lUTlOMXI5S2NfdmNhOGVBS0pvSXlqMGNsbldmSkc5UzB2Y1loRWlnMlZZUmI4ZHZneDlyaZgClQOpAhYDR1uvLLc-wAIC4AIA6gItLzU3NjUvZG0uY2hyb21lbGVzc3ZpZGVvL2RtX2Rtcm9zX3Jvcy9wcmVyb2xs-ALw0R6QA8gGmAOMBqgDAeAEAdIFBhD5qqz3EpAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHH9IICQiA4YBQEAEYHdgIAoAKBZgLAYAMAQ&sigh=z2p8VmdS298&label=videoplayfailed901&acvw=&sdkv=h.3.453.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUwODIxMjU2ODkyDDEzODI3MjQzNDYzOUC5HQprCAESE2Fkcy5zdGlja3lhZHN0di5jb20aC3N0aWNreUFEU3R2IAIqDXZwYWlkLWFkYXB0ZXIyDXZwYWlkLWFkYXB0ZXJA0gNSIhAEJQAAoEEoAToHdW5rbm93bkIHdW5rbm93bkj8E1AAYAEYAQ..
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 3D2D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 May 2021 11:19:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame A976 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e897fa4837867825de599b2129d0d7466ae13eb94895ea6dc2dd217e83e7ea74

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame C53D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.dailymail.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 01 May 2021 11:19:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame 3338 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8944e3a4bfa1bb3974a9e35f47acd7878cec7b4ab6b1cb3df9531709eda1781

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
get
choices.trustarc.com/ Frame 5460 		287 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Apr 2021 21:17:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1519320
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
287
x-amz-cf-id
duPL2kcUxaoxTsMa4DT5E5jqUblGZKeYsuEb_B20fUrd-aKO_0fW-g==
expires
Thu, 13 May 2021 21:17:55 GMT
get
choices.trustarc.com/ Frame 5460 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 21:15:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1778642
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
739
x-amz-cf-id
UZORShuiif2Y5Gn7g6PrqiZ_mTLtq23BF7CL_8MdZc8QCkKk6XOjxg==
expires
Mon, 10 May 2021 21:15:55 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		168 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
d6f895e4a85f1ec4d67f8b7aa182b7372d8a0f5da65dabdd3982631c6968318f

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:56 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
168
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		254 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8625&site_id=124374&zone_id=1694080&size_id=15&tpid_tdid=70b9d890-5931-4f83-87ad-558f6baed511&eid_pubcid.org=3e783b4a-2acd-4064-b1ff-774d8a481474%5E1&rf=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&tg_i.area=wires&tk_flint=pbjs_lite_v4.13.0-mol-1&x_source.tid=2c8a9d50-e17e-4ada-bf57-22ea3f80a6cb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.3795937620456409
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c69312b8ec1db3066e5c4be932dc343b2c46c3159fd46fb541b5089594019763

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
254
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691510171713aaede3c85d0ab0026&pos=desktop_mpu_player&cmd=bid&secure=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c9ca2b473cc45fa4036a0c7997c7de0d9f4e901f76c30351e1c5ff4e63af2fdf

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:57 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
arj
mailonline-uk-d.openx.net/w/1.0/ 		172 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mailonline-uk-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2c8a9d50-e17e-4ada-bf57-22ea3f80a6cb%2C2c8a9d50-e17e-4ada-bf57-22ea3f80a6cb&nocache=1619867995950&pubcid=3e783b4a-2acd-4064-b1ff-774d8a481474&ttduuid=70b9d890-5931-4f83-87ad-558f6baed511&aus=300x250%7C300x250&divIds=mpu_player%2Cmpu_player&auid=541063092%2C541063092
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.206.0 /
Resource Hash
524172820f1e16e4d6fd4caf87122caa02a45062928aef32afbbd5ab1a825566

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:55 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		143 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=185&av=32&wv=4.13.0-mol-1&cb=46027048997
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ec68a7c7f7f4785edef5acbcabf10afe4574eeaa3114b4c9f583b4e3ef376bd8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 01 May 2021 11:19:56 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
145
prebid
ib.adnxs.com/ut/v3/ 		35 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7ecc225ac537349228900abe7b7b30a6e1612b3d7b8011d526ad609dc4062a0f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 01 May 2021 11:19:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.41:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
563370bd-79ff-45a3-85ae-15e6f2136c1e
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dailymail.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		26 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=503172&v=7.2&r=%7B%22id%22%3A%22278de9d868731fd5%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2227992d1923f4bd62%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503172%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22280b71cbbf6a1129%22%2C%22ext%22%3A%7B%22siteID%22%3A%22503172%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab58c78dfb722588d6b50436765847f9fa48ceaf740d3b7a71a47b4751c4d439

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:56 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dailymail.co.uk
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
46
x-ak-client-geo
28
expires
Sat, 01 May 2021 11:19:56 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3065&u=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&pid=VKWJ3TztadHGI&cb=8&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%22mpu_player%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid%22%3A%224680455013%22%7D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:56 GMT
via
1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
HiUyeaDYRN8iesuIBUyVwnoR5cUEK5A6pYhuL9tsgE2lxRO7N5yX1w==
usync.js
eus.rubiconproject.com/ Frame 3D2D 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24957
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sat, 01 May 2021 18:15:53 GMT
usync.js
eus.rubiconproject.com/ Frame C53D 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 01 May 2021 11:19:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24957
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sat, 01 May 2021 18:15:53 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=9dbd8fe8-624e-3760-449a-896d372383a9&tv=%7Bc:bmFm6m,time:6024,type:e,im:%7Bimprf:%7Bttecl:7249,ecd:15,tsecr:66%7D%7D,env:%7Bnr_p:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6024,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4420,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1631~0%5D,as:%5B1631~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l.697509-54255737%7C1l1%7C1l2%7C1l3%7C1m*.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p%7C1q,idMap:1m*,rmeas:1,rend:0,renddet:na%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:57 GMT
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=21fe866f-b41f-0d2a-f0c6-94cb26e2c055&tv=%7Bc:bmFm7b,time:6171,type:e,im:%7Bimprf:%7Bttecl:7420,ecd:15,tsecr:63%7D%7D,env:%7Bnr_p:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6171,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4437,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1779~0%5D,as:%5B1779~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l*.697509-54255737%7C1l1%7C1l2%7C1m.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p%7C1q,idMap:1l*,rmeas:1,rend:0,renddet:na%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:57 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
events
bidder.criteo.com/csm/ 		0
149 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.dailymail.co.uk
date
Sat, 01 May 2021 11:19:56 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
/
crta.dailymail.co.uk/ 		8 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:288::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:58 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sat, 01 May 2021 11:19:58 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dailymail.co.uk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1797757661030233&correlator=1961081133953413&output=ldjh&impl=fif&hxva=1&scor=2766300031080791&eid=21065646%2C31060922%2C21064367%2C31060682&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210501&iu_parts=5765%2Cdailymail.uk%2Cdm_dmwires_reutersart%2Cmpu_player&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=maxbid%3D0.21%26maxbidpk%3D1%26maxbid_bidder%3Dappnexus%26pos%3Dmpu_player%26adx_channel%3D4%26nobids%3Dfalse%26refreshCount%3D0%26offset%3D0%26hb_bidder%3Dappnexus%26hb_adid%3D2810d032f0422e64%26hb_pb%3D0.20%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_skin%3Dfalse%26bc%3D0%26bc_diff%3D0%26hb_adid_appnexus%3D2810d032f0422e64%26hb_pb_appnexus%3D0.20%26hb_size_appnexus%3D300x250%26hb_source_appnexus%3Dclient%26hb_format_appnexus%3Dbanner%26hb_skin_appnexus%3Dfalse%26adNami%3Don&eri=4&cust_params=page%3Dart%26article%3D9529785%26environment%3Dproduction%26country%3Dde%26abv%3Dnext-release%252Fa174b6cfc%26mvt%3Dpermutive_on%252Cuniversalid_on%252CperfMon_on%252Cfe_desktop_default%26bot%3Dfalse%26random%3D0392c6a4-6ed2-427e-9879-6389738ca5bc%26impid%3Ddee9d0a2-746c-4515-94c5-f48c72c4d067%26sw%3D1600%26sh%3D1200%26device%3Dwindows10%26device_features%3D%26articlewithvideo%3Dfalse%26style%3Dwide%26watershed%3Dfalse%26location%3Ddailymail_co_uk%26id5%3Dtrue%26prog%3Dtrue%26area%3Dwires%26subarea%3Dreuters&cookie=ID%3Dbcc3630ea429397d%3AT%3D1619867996%3AS%3DALNI_MbQt7kKEG2r-fMAY5a1_N69oAUvFQ&cdm=www.dailymail.co.uk&bc=31&abxe=1&dt=1619867997951&dlt=1619867970825&idt=5959&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3910603722&ucis=9&ifi=9&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html&loc=https%3A%2F%2Fwww.dailymail.co.uk%2Fwires%2Freuters%2Farticle-9529785%2FAfter-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=0x-1&psts=AGkb-H-nMjVOdPJ8sEPlLWCWYmk4T4LOkIFOBAYICypBReIyZWSc7AaEy4Kq3Ax_PW_u_T2556S1-3D2jbPEbh-4%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8TASp5cD9P2j5CLniH1FX3SM8vJm_3yZZIu0ExzQBg7iDn0kIn1YPBcKNontCeUHBvSZjHyoqWpo3b3PEl%2CAGkb-H_eSowCF3rsRWgub3BorgEW5Td4HBedkLCCw7nQXwbS_2dEs8YjArdPF0IglIceldYx9TA2svuq8IavmOeI%2CAGkb-H9YK91aom_rbEje02kimDrt9BERt7nIm2DlCk0wTV1i_2UaWjmrgUQiMqyovpKQ2hOKcQPyV1ZnLYNffzin%2CAGkb-H8CZDek0GsW0SX1Qfz8FQb9QOLoLPSyyiBVH8jCduPReFXEveTzQQdFvGYI5FbugdwEAO1vjj9tfuyi0wPV%2CAGkb-H-QMJ-uIbXKqtDNV3lGYHQ3FE-uKZ48lgJdWnyrXRg8LERoXNveVavGVqIa8wu61f8x25I49Qe-h9KNqLrk&ga_vid=592649942.1619867975&ga_sid=1619867975&ga_hid=801510579&ga_fc=false&fws=644&ohw=445&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f9b57d922e723433102274c955b2860cf006840a66ab56c4e2ea7d982316949b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13511
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42A5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.dailymail.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.dailymail.co.uk/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 01 May 2021 11:19:38 GMT
expires
Sun, 01 May 2022 11:19:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
20
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 42A5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CehH3XjmNYPML68rv9Q-jrr_4Bd2V5bdcjpKgjlfAjbcBEAEgAGC5-MeA3AGCARdjYS1wdWItNDE4MDgzNTY5NDE2NjI1NaAB2obz6APIAQngAgCoAwGqBNoCT9AWklPd3orsSxaHJd-ABTA_sZQSakd5Xvjbb1imowsgx6HWWAa4ivBxKd-V75MJPgaXkCdncLbucKyvT7YPtfyrdO5QN88frRDLB2Cvpck4v4m_0d9PmsIxnSVI9Hpl33rsr6_RFHDmUMsECoQW7ZHcXZ2bLpPt4EcIcmhz3BIMic_Tjm_pOopiFXjk4eDoTc3mnkXqOR64J4yVcugYzYfKMwJ8Y6KZFYz90qfr9ju5J4YzZaAemyhjCkOtTAMqWr_P1PU94DeV8Us0BzTEjgp-KFoeG0KkmsisPn7ezQftzwmSfdtQjE3F3eKc8JCo-q_UPpbhkRowKd_z0caRMRrM1DV5du4-YEfWRwSt9D0Lrr7sLoiyEkdtzb1LtnkyLa_HGVlE7LVl2hzp0Lp27eBQ-Jq8DD3o8OhwdbN9uJSFr_hK406zXH2ueFhvkirKtTQ4GXWMnfWxQeAEAYAG46Di_ITm_NWvAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAGyFxgKFhIUcHViLTQxODA4MzU2OTQxNjYyNTU&sigh=p89pV30REtI
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
clk
ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/ Frame 42A5 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/clk?imp=ae61c0bb-a79a-4dd0-be5e-099b796e9c9c&ag=mcjg006&sfe=12c4b95e&sig=RiDfJz90BkgRgXVRkTiJIla-qrRf_uQ8qS9qOPCYFIk.&crid=sqh3smbl&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=&mcat=&mste=dailymail.co.uk&mfld=3&mssi=None&mfsi=hbziu8s6v7&sv=google&uhow=157&agsa=&wp=YI05XgAABfMIu-VrAA_XI9wfnR43fS_ihopDKA&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-4180835694166255&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAXgAgAEAiAEB&dur=&durs=UJSBm-&crrelr=&npt=&svscid=pub-4180835694166255&mdl=Chrome%20-%20Windows&fpa=681&said=YI05XgABRaUH%2FYNbJAjifw%3D%3D&auct=1&grdc=CAEYASABKAFAAUgC&r=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOe9HXjmNYPML68rv9Q-jrr_4Bd2V5bdcjpKgjlfAjbcBEAEgAGC5-MeA3AGCARdjYS1wdWItNDE4MDgzNTY5NDE2NjI1NaAB2obz6APIAQngAgCoAwGqBN0CT9AWklPd3orsSxaHJd-ABTA_sZQSakd5Xvjbb1imowsgx6HWWAa4ivBxKd-V75MJPgaXkCdncLbucKyvT7YPtfyrdO5QN88frRDLB2Cvpck4v4m_0d9PmsIxnSVI9Hpl33rsr6_RFHDmUMsECoQW7ZHcXZ2bLpPt4EcIcmhz3BIMic_Tjm_pOopiFXjk4eDoTc3mnkXqOR64J4yVcugYzYfKMwJ8Y6KZFYz90qfr9ju5J4YzZaAemyhjCkOtTAMqWr_P1PU94DeV8Us0BzTEjgp-KFoeG0KkmsisPn7ezQftzwmSfdtQjE3F3eKc8JCo-q_UPpbhkRowKd_z0caRMRrM1DV5du4-YEfWRwSt9D0Lrr7sLoiyEkdtzb1LtnkyLa_HGVlE7LVl2hzp0Lp27eBQ-Jq8DD3o8OhwdbN9uJSFr_hK406zXH3selT9VJwjxJ7RD_QbjHAO-mp9ZuAEAYAG46Di_ITm_NWvAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3E8z_XorLvI3fs2Wd6QF5H9xVPog%26client%3Dca-pub-4180835694166255%26adurl%3D;ord=892167;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
df1a482c68871ba4b896ed0cd36c7e729ff9fcd189b145db294c2ace16436bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/697509/54255739/ Frame 42A5 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/697509/54255739/skeleton.js
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.67.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
deef54012688c585c9aa7b366318eba4f35e6077f686c9c0b79198f62696c566

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:58 GMT
content-encoding
gzip
x-server-name
app01.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
ca
choices.truste.com/ Frame 42A5 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&c=tradedesk01cont1&js=pmw0&w=300&h=250&sid=0
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cc12e20bb61f4ab29d21ebecb788801a53dc24a26436829643f4f185282c3330

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:55 GMT
content-encoding
gzip
server
nginx
age
3
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
TzkD1T2IijhR_ZwSVZy5hdBYldM4N4d2GbNf1WWlwa9U6NwuX-y0Hg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 42A5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:19:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42A5 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619782032619693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35920
x-xss-protection
0
expires
Sat, 01 May 2021 11:19:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 42A5 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:15:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:15:58 GMT
l
www.google.com/ads/measurement/ Frame 42A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgLnBvwUA_g-6asmzqNlrrquOaLL7QW8SgWDCIb6P_asZs2T5mHv4CheBUh_kQ0wAC1mPmYucH_hVz60TC3Pm8buKiUQ
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 42A5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 09:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7216
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 09:19:42 GMT
google
de1-bid.adsrvr.org/bid/feedback/ Frame 42A5 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=ae61c0bb-a79a-4dd0-be5e-099b796e9c9c&crid=sqh3smbl&wp=YI05XgAABfMIu-VrAA_XI9wfnR43fS_ihopDKA&aid=1&wpc=USD&sfe=12c4b95e&puid=CAESEPA_ml4KtZzrwg88Vj2yzd0&tdid=&pid=sr0jhd1&ag=mcjg006&adv=4mvj28f&sig=1oNk7Ev2zOBMYm8P5ekDn2a6hr4grOkg4cdFP2xnLOcc.&bp=3.50800020678270651605&cf=2224661&fq=0&td_s=www.dailymail.co.uk&rcats=&mcat=&mste=dailymail.co.uk&mfld=3&mssi=None&mfsi=hbziu8s6v7&uhow=157&agsa=&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-4180835694166255&did=&rcxt=Other&lat=50.884700&lon=4.504900&tmpc=&daid=&vp=0&osi=&osv=&mdl=Chrome%20-%20Windows&c=OAFQAXgAgAEAiAEB&dur=&durs=UJSBm-&crrelr=&fpa=681&grdc=CAEYASABKAFAAUgC&vc=3&said=YI05XgABRaUH%2FYNbJAjifw%3D%3D&auct=1&im=1&mc=a0444ac9-2db2-47ff-86ff-2ee59c9815bb
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
dc_oe=ChMI-bTbva6o8AIVsMi7CB3TGgPfEAAYACDGm6BH;met=1;&timestamp=1619867998778;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 16B6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-bTbva6o8AIVsMi7CB3TGgPfEAAYACDGm6BH;met=1;&timestamp=1619867998778;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 42A5 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 14:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74928
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 May 2021 14:31:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 42A5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4331.284566THETRADEDESK/B25637237.301547608;sz=300x250;click0=http://insight.adsrvr.org/track/clk?imp=ae61c0bb-a79a-4dd0-be5e-099b796e9c9c&ag=mcjg006&sfe=12c4b95e&sig=RiDfJz90BkgRgXVRkTiJIla-qrRf_uQ8qS9qOPCYFIk.&crid=sqh3smbl&cf=2224661&fq=0&t=1&td_s=www.dailymail.co.uk&rcats=&mcat=&mste=dailymail.co.uk&mfld=3&mssi=None&mfsi=hbziu8s6v7&sv=google&uhow=157&agsa=&wp=YI05XgAABfMIu-VrAA_XI9wfnR43fS_ihopDKA&rgco=Belgium&rgre=Brussels%20Capital&rgme=&rgci=Brussels&rgz=1930&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-4180835694166255&rlangs=en&mlang=&did=&rcxt=Other&tmpc=&vrtd=&osi=&osv=&daid=&dnr=0&vpb=&c=OAFQAXgAgAEAiAEB&dur=&durs=UJSBm-&crrelr=&npt=&svscid=pub-4180835694166255&mdl=Chrome%20-%20Windows&fpa=681&said=YI05XgABRaUH%2FYNbJAjifw%3D%3D&auct=1&grdc=CAEYASABKAFAAUgC&r=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOe9HXjmNYPML68rv9Q-jrr_4Bd2V5bdcjpKgjlfAjbcBEAEgAGC5-MeA3AGCARdjYS1wdWItNDE4MDgzNTY5NDE2NjI1NaAB2obz6APIAQngAgCoAwGqBN0CT9AWklPd3orsSxaHJd-ABTA_sZQSakd5Xvjbb1imowsgx6HWWAa4ivBxKd-V75MJPgaXkCdncLbucKyvT7YPtfyrdO5QN88frRDLB2Cvpck4v4m_0d9PmsIxnSVI9Hpl33rsr6_RFHDmUMsECoQW7ZHcXZ2bLpPt4EcIcmhz3BIMic_Tjm_pOopiFXjk4eDoTc3mnkXqOR64J4yVcugYzYfKMwJ8Y6KZFYz90qfr9ju5J4YzZaAemyhjCkOtTAMqWr_P1PU94DeV8Us0BzTEjgp-KFoeG0KkmsisPn7ezQftzwmSfdtQjE3F3eKc8JCo-q_UPpbhkRowKd_z0caRMRrM1DV5du4-YEfWRwSt9D0Lrr7sLoiyEkdtzb1LtnkyLa_HGVlE7LVl2hzp0Lp27eBQ-Jq8DD3o8OhwdbN9uJSFr_hK406zXH3selT9VJwjxJ7RD_QbjHAO-mp9ZuAEAYAG46Di_ITm_NWvAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3E8z_XorLvI3fs2Wd6QF5H9xVPog%26client%3Dca-pub-4180835694166255%26adurl%3D;ord=892167;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 May 2021 11:18:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 42A5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 04:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22933
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 May 2022 04:57:45 GMT
main.gr.19.8.193.js
static.adsafeprotected.com/ Frame 42A5 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.193.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/697509/54255739/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 16:37:27 GMT
content-encoding
gzip
age
931351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Apr 2021 16:21:52 GMT
server
AmazonS3
etag
W/"3bc122544b299af3472a4ba27ce7978f"
vary
Accept-Encoding
x-amz-version-id
YnDfosEmPFk1USroKyX80ierLiGWq8lS
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
9cr1NzGcjDJ3npDZyO2yTcwbpIT7ouWFuzkr8ZGjKGW1tIu1Gw2RNg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E582 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 01 May 2021 03:14:09 GMT
expires
Sun, 02 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
29150
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 42A5 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb5d20fb49d4787b61ceec7d24c5b417a21aa0356703616191a79bcd97f048ea

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 269A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sat, 01 May 2021 09:29:22 GMT
expires
Sun, 01 May 2022 09:29:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6637
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/10507625/1618583823539/ Frame 5EB2 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618583823539/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481fccb8c7af1757fd4746a1a7fd818c6a3a82e2f1048f31358d6e6339b2b156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10507625/1618583823539/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2368
date
Fri, 30 Apr 2021 18:57:06 GMT
expires
Sat, 01 May 2021 18:57:06 GMT
last-modified
Fri, 16 Apr 2021 14:37:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
58973
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 42A5 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu9Fhkw0BXD8Q-MnFL7iBmoMAPgPfqI5Lny1LN0V2mAmmPkJoiZub0ufb44OmiNaz_TBK5UQy0UsxTK17PdUh2o4B6885FDfb9bYLsC7AUR40MNnjSBX3Ckun_V_r3ShW_AbdoiFSlCoQQfYdg4S2q3VH8_haiWsPtsrDbbfgZ1k7rRy4MTZPLwSIXLUa8C7tYZGkG0xgazafRBQ&sig=Cg0ArKJSzPpaLE7DR7XYEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=490&cbvp=1&cstd=487&cisv=r20210428.99755&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
static.adsafeprotected.com/ Frame 42A5
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/697509/54255739/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dailymail.co.uk%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fda99d92918d493f671c8393ee832c30e.safefram...
  • https://static.adsafeprotected.com/skeleton.js
17 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 17:26:20 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
age
5075620
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
OHaYF1ypeLBSLkIDQi18MuyaiG4kfdi9t0X4WU0k5sMMH0r1TKHjvA==

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
x-server-name
app35.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame C515 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:58:11 GMT
content-encoding
gzip
age
141709
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
AmazonS3
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
vary
Accept-Encoding
x-amz-version-id
Yr.mBFfewYS8TEW0QSrmcai42PlDhFZ2
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
AMS1-C1
content-type
application/javascript
x-amz-cf-id
O7nWviG1qflR2-2O3JlGa4d0NhlXgETkub1PiHAa0F5Sa6hf8aQ66Q==
/
crta.dailymail.co.uk/ 		8 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crta.dailymail.co.uk/
Requested by
Host: scripts.dailymail.co.uk
URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:288::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
http-to-kafka/0.8.10 /
Resource Hash
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
server
http-to-kafka/0.8.10
etag
W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
8
expires
Sat, 01 May 2021 11:19:59 GMT
dpixel
cms.quantserve.com/ Frame E582 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENZTwk4yhwYLcpgwNpmPNX0&google_cver=1&google_push=AQvitUIww4JqA43eR0TycVhdbl_ujxJDnrjJnXnAxtYbz7NxCVzUEGzxw_XIM20FYNPkuI787Wz3VqJdr3kPHibDS4FT9s1mgVWffQ
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E582
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB0P5TxaAsegzNeNdHnrie8&google_cver=1&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB0P5TxaAsegzNeNdHnrie8&google_cver=1&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMth...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8900ad02-3f4c-4133-8f87-590532b54f1a&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7E6K28PsA2Q&google_hm=O6BjqweDRJ68kDYo21doyw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7E6K28PsA2Q&google_hm=O6BjqweDRJ68kDYo21doyw==
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJBuoPIIvGdfUgDRhIbq-4RPbd6y9AOyMZLjDKyk6RDT5WbVyyjirOxDCxRTjP2ykR3eIXIgp8ipZVMthnf9DJ7E6K28PsA2Q&google_hm=O6BjqweDRJ68kDYo21doyw==
date
Sat, 01 May 2021 11:20:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame E582
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxpQ4PSDoO0KXVORUoYeJg&google_cver=1&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90AbW-...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPxpQ4PSDoO0KXVORUoYeJg&google_cver=1&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1ODkzNDExNTQ0NzU2NjQ5MQ&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90Ab...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1ODkzNDExNTQ0NzU2NjQ5MQ&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90AbW-UWwCysFS-Xr-wBFSwySDrQ
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1ODkzNDExNTQ0NzU2NjQ5MQ&google_push=AQvitUIHFh-SsGuH6V-AmlWFPD3fo6ncOKMieDFHA0BUFoREgOGiPLu208u7WBZcuQKIhK4XNh90AbW-UWwCysFS-Xr-wBFSwySDrQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E582
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG8h4PxpybYY4CDhBDlZ0AE&google_cver=1&google_push=AQvitUJC-3-qbw17-IdA1pKORRaxgo5EB2IwYI038VJiyWVmXTEVxvMHgLWtJOFVsLzXzNKzrUq...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081TktYMzAtMS1COElX&google_push=AQvitUJC-3-qbw17-IdA1pKORRaxgo5EB2IwYI038VJiyWVmXTEVxvMHgLWtJOFVsLzXzNKzrUq4eVbj2SE6ECemEo6OvjjiH-wjCQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081TktYMzAtMS1COElX&google_push=AQvitUJC-3-qbw17-IdA1pKORRaxgo5EB2IwYI038VJiyWVmXTEVxvMHgLWtJOFVsLzXzNKzrUq4eVbj2SE6ECemEo6OvjjiH-wjCQ
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S081TktYMzAtMS1COElX&google_push=AQvitUJC-3-qbw17-IdA1pKORRaxgo5EB2IwYI038VJiyWVmXTEVxvMHgLWtJOFVsLzXzNKzrUq4eVbj2SE6ECemEo6OvjjiH-wjCQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
-
s.ad.smaato.net/c/n/// Frame E582 		0
0
pixel
cm.g.doubleclick.net/ Frame E582
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEvTDShifYyjmVZEokX6Mww&google_cver=1&google_push=AQvitUJ4t5EsOe-8Rn8noe6_tVAmiqpozJGvb4ZE9gnkWk-xrfrKn2rWbeisbBdBqd_AqCLxWdf5YBrYvB2VtuEv7xEn1FwfnpEM
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&mn_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ4t5EsOe-8Rn8noe6_tVAmiqp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&mn_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ4t5EsOe-8Rn8noe6_tVAmiqpozJGvb4ZE9gnkWk-xrfrKn2rWbeisbBdBqd_AqCLxWdf5YBrYvB2VtuEv7xEn1FwfnpEM
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 01 May 2021 11:19:59 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&mn_hm=MjYyODY5NTk5MjEzODAxNTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ4t5EsOe-8Rn8noe6_tVAmiqpozJGvb4ZE9gnkWk-xrfrKn2rWbeisbBdBqd_AqCLxWdf5YBrYvB2VtuEv7xEn1FwfnpEM
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 01 May 2021 11:19:59 GMT
sync
ssbsync.smartadserver.com/api/ Frame E582 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame E582 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J85x4ZaSdjTr1IdS-zd_Myx4ZbsSX-NuiYwU6iGD36cwxOfBQXUYgyPoXt2b0T9pd1wpRc
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:59 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 42A5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=2abcb8f8-181a-a593-24bc-07954336f60b&tv=%7Bc:bmFmM9,pingTime:-2,time:662,type:a,im:%7BpBlk:465,sf:1,pom:1,prf:%7BbdA:296,bdZ:363,beA:526,beZ:529,mfA:949,cmA:950,inA:950,inZ:952,prA:952,prZ:977,si:981,poA:982,bl:990,poZ:991,cmZ:991,mfZ:991,loA:1140,loZ:1142,ltA:1187,ltZ:1187%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:454%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:662,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:454,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B237~1%5D,as:%5B237~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1a24%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.697509-54255737%7C1l1%7C1l2%7C1l3%7C1l4%7C1m.697509-54255737%7C1m1%7C1n1%7C1o%7C1p*.697509-54255739%7C1p1%7C1p2%7C1p3,idMap:1p*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:205,readyFired:true%7D&br=u
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
x-server-name
dt58.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
createjs.min.js
code.createjs.com/1.0.0/ Frame 5EB2 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618583823539/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 01 May 2021 11:19:59 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sat, 01 May 2021 11:34:59 GMT
index.js
s0.2mdn.net/10507625/1618583823539/ Frame 5EB2 		93 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10507625/1618583823539/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10507625/1618583823539/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ee11f8c5e5ef5a7f3d4bec479736b89b9470e77f0d281923bb67ba362f9577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618583823539/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 18:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58973
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16294
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 14:37:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 01 May 2021 18:57:06 GMT
V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
pagead2.googlesyndication.com/bg/ Frame 269A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V1lNzVGDXdksv1u627CI7W0-mHZYzGGGZdNtnF4LgGE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 07:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
99262
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5617
x-xss-protection
0
expires
Sat, 30 Apr 2022 07:45:37 GMT
_300x250.jpg
s0.2mdn.net/10507625/1618583823539/ Frame 5EB2 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10507625/1618583823539/_300x250.jpg
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2df87bed09669cf774e92facef9885402d620431463aa58fec771a2f2ab13f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10507625/1618583823539/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Apr 2021 18:57:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 14:37:03 GMT
server
sffe
age
58972
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75557
x-xss-protection
0
expires
Sat, 01 May 2021 18:57:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 42A5 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu9Fhkw0BXD8Q-MnFL7iBmoMAPgPfqI5Lny1LN0V2mAmmPkJoiZub0ufb44OmiNaz_TBK5UQy0UsxTK17PdUh2o4B6885FDfb9bYLsC7AUR40MNnjSBX3Ckun_V_r3ShW_AbdoiFSlCoQQfYdg4S2q3VH8_haiWsPtsrDbbfgZ1k7rRy4MTZPLwSIXLUa8C7tYZGkG0xgazafRBQ&sig=Cg0ArKJSzPpaLE7DR7XYEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=874&vt=11&dtpt=384&dett=3&cstd=487&cisv=r20210428.99755&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 01 May 2021 11:19:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=21fe866f-b41f-0d2a-f0c6-94cb26e2c055&tv=%7Bc:bmFmRu,pingTime:0,time:9042,type:pf,im:%7Bpci:%7Btdr:4363%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4437%7D,%7Bpiv:100,vs:i,r:,t:9041%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:9041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4437,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4649~0,1~100%5D,as:%5B4650~300.600%5D%7D%7D,%7Bsl:i,t:9041,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4649~0,1~100%5D,as:%5B4650~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:486,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l*.697509-54255737%7C1l1%7C1l2%7C1m.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p.697509-54255739%7C1q,idMap:1l*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=9dbd8fe8-624e-3760-449a-896d372383a9&tv=%7Bc:bmFmRB,pingTime:0,time:8953,type:pf,im:%7Bpci:%7Btdr:4235%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4420%7D,%7Bpiv:100,vs:i,r:,t:8952%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:8952,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4420,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4559~0,1~100%5D,as:%5B4560~300.600%5D%7D%7D,%7Bsl:i,t:8952,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4559~0,1~100%5D,as:%5B4560~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:532,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l.697509-54255737%7C1l1%7C1l2%7C1l3%7C1m*.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p.697509-54255739%7C1q,idMap:1m*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:19:59 GMT
x-server-name
dt52.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dc_oe=ChMI3ZjFv66o8AIV7IWDBx0ILwwoEAAYACCQ0J1H;met=1;&timestamp=1619868000194;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 66C9 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3ZjFv66o8AIV7IWDBx0ILwwoEAAYACCQ0J1H;met=1;&timestamp=1619868000194;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.trustarc.com/ Frame 3338 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw1&base=te-clr1-524f2f03-0279-47c6-9f48-ee349de7421e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
299721258a5ed91bfd24026f566cce2ea21e3daf377a0891e5711b98507236e1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2384
x-amz-cf-id
JbT9TcsB1UEqgWspc_qOCa1lX-C_4AlKWDk16uFpAwYu_pnTcQtLiw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 3338 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
A08qQRj8dgPVwPqcIK4ZeD0wzeAtcHCDEd3l-XYmU7vrepNZ6Q1IqQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 3338 		43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=8133
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
8TYc-uy4rxRC65Ga0q5UQzS_Uk3F8W0zLVRrlJsDz5-8rkJfy1Tpkw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame A976 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw1&base=te-clr1-524f2f03-0279-47c6-9f48-ee349de7421e&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
299721258a5ed91bfd24026f566cce2ea21e3daf377a0891e5711b98507236e1

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2384
x-amz-cf-id
YM2H2N6coI92Fx1PXxH5D2Qo5XuLv4J5CZSL35wRldA504R4VgLfag==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame A976 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&c=tradedesk01cont1&js=pmw0&w=300&h=600&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
6FjoncdQIeoS1QCduvJmiqDV_F5jn7WJalT-nmWw6FAiS8E9aeIPzA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame A976 		43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=bcb0
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
7Ex8InKmw10yD6o2_DQDWTaSjuMEJKbWcWv7U2sPvmzIcstxXgFlPA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 42A5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyIuomba4kR9WJNkY8T-5psG6Zz6Mw9NojMwbjMtk7nt1XRv8XvaDivndgWUUY4rlzvE07bndMOjuhlsBzoxc&sig=Cg0ArKJSzBvQ5dXGY75EEAE&id=lidar2&mcvt=1034&p=0,0,250,300&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 269A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMhQpXjmNYKXNKcHt3wPek7eIBAAAAAA4AeAEAg&bg=!QkGlQQXNAAZLnZBaS507ACkAdvg8Wrv1PvUJcCoSkSNo-YgdcxpY-7PzZFSqHZ3FUdujLe-2Cj0DJQIAAAKmUgAAAHVoAQeZAmzXe4apoHaMZTDAI-l6OzYgsFzD9HgUuBrZCCGpjbLwkXQMoY9w87SwBmSRq8QH1buWCgDSIQXe-U--Iyc7NklSOLsqhLkheNOHarnbYCnUP3NPjxlTDv9dvozjrBju62Y2j_LUX3UqPpT8IdZFrvuQnExZZZ8LF1V3w71o1WVDOSGDj_bu3uLPP9NakV7NPdavPU_JCZ2jrbAB0A9I4ZWLN_ygLX0k5Ex71JBszPGjIrATvHxkrUDu3ONgqoO4QPAIkBJDM-yPGqczxy19s0URLXErl7cnb98FHWL3VZAteT7Wfbh_kk4QaSdnR3zrpc0pZXgrii2a9DD-yAHlWeTw-83Y_Oi7NxZMHzpLvJwpicjuHoBlZ-asHa_CNBcEVwWon6URnq_WKFP7eQ8KiLpAqE4OWalPJjz-8m9EmWN8igf2GihQZxBryYLOw9BaMUYecrRqqTMJ0wFYr5YEQclCPZizojF1zEfhO9EODoI66Fx4zp6vlH_fm9D8MrJYpcdfBmTyzUfpTuzhSvFncts0wcuuA9doJYkhDncLIHKVOJfhQtd0IVFATgihSrSO83HoIo8s0k9HJZCioFxr9e0YWLLObEDaX7zJI8rV-8fW6ohLffqiU7B_Q_1IwtbelGsH4-eCJCJl90wt2un1pE9UaHhTIWAA-E2y8TJ8dwvYIMZbxpDJmngIRCMkdOqhqZfCqr4F8oUzXPP-mFwjj_0DLJ4EpGNQ2TZilH5DnmrMQGWa9bhoNsOVpQa8qHFgaT-BdyFwtMgp5wPXjuPKDgjsMNOcgPZAq2rrVCDLsUyRF5F8vbLDo-nTWFY6yQ
Requested by
Host: da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
URL: https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 3338 		0
0
get
choices.trustarc.com/ Frame A976 		0
0
get
choices.trustarc.com/ Frame AAA1 		287 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Apr 2021 21:17:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1519325
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
287
x-amz-cf-id
gbCY-LtA8qK_bL1a32r_oBWBCP6MCiC83-f4GZg3o73dQg2cuvRXuA==
expires
Thu, 13 May 2021 21:17:55 GMT
get
choices.trustarc.com/ Frame AAA1 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 21:15:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1778645
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
739
x-amz-cf-id
pFFOsvVyDqx6mFEXwvcHw39p54J7iHj6Tk8irqjvqZiGDoc_r2uG1g==
expires
Mon, 10 May 2021 21:15:55 GMT
get
choices.trustarc.com/ Frame 5D1F 		287 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Apr 2021 21:17:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1519325
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
287
x-amz-cf-id
lIBrbwrPAHEWCPzq6CP55Ly91hK4dgC5htk7w9js0431auZaeiNB0g==
expires
Thu, 13 May 2021 21:17:55 GMT
get
choices.trustarc.com/ Frame 5D1F 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_zxwafu67&w=300&h=600&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-44.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 10 Apr 2021 21:15:55 GMT
via
1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
server
nginx
age
1778645
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
MAD50-C1
content-length
739
x-amz-cf-id
SAhz00xvv_aGkUFqeUx5ZfoQ4a3fYdMzbU4dF2D2EtmJTs4cDljAsg==
expires
Mon, 10 May 2021 21:15:55 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=21fe866f-b41f-0d2a-f0c6-94cb26e2c055&tv=%7Bc:bmFn7R,pingTime:1,time:10057,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4437%7D,%7Bpiv:100,vs:i,r:,t:9041%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1016,o:9041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4437,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4649~0,2~100%5D,as:%5B4651~300.600%5D%7D%7D,%7Bsl:i,t:9041,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1014~100%5D,as:%5B1014~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:200,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l*.697509-54255737%7C1l1%7C1l2%7C1m.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p.697509-54255739%7C1q,idMap:1l*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-server-name
dt32.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=21fe866f-b41f-0d2a-f0c6-94cb26e2c055&tv=%7Bc:bmFn7R,pingTime:1,time:10057,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4437%7D,%7Bpiv:100,vs:i,r:,t:9041%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1016,o:9041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4437,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4649~0,2~100%5D,as:%5B4651~300.600%5D%7D%7D,%7Bsl:i,t:9041,wc:0.0.1600.1200,ac:3.20.300.600,am:i,cc:3.20.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1014~100%5D,as:%5B1014~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:200,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l*.697509-54255737%7C1l1%7C1l2%7C1m.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p.697509-54255739%7C1q,idMap:1l*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=9dbd8fe8-624e-3760-449a-896d372383a9&tv=%7Bc:bmFn7T,pingTime:1,time:9963,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4420%7D,%7Bpiv:100,vs:i,r:,t:8952%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1011,o:8952,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4420,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4559~0,2~100%5D,as:%5B4561~300.600%5D%7D%7D,%7Bsl:i,t:8952,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:200,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l.697509-54255737%7C1l1%7C1l2%7C1l3%7C1m*.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p.697509-54255739%7C1q,idMap:1m*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-server-name
dt62.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=9dbd8fe8-624e-3760-449a-896d372383a9&tv=%7Bc:bmFn7U,pingTime:1,time:9964,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:4420%7D,%7Bpiv:100,vs:i,r:,t:8952%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1012,o:8952,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:4420,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4559~0,2~100%5D,as:%5B4561~300.600%5D%7D%7D,%7Bsl:i,t:8952,wc:0.0.1600.1200,ac:1297.20.300.600,am:i,cc:1297.20.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1011~100%5D,as:%5B1011~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:200,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19.697509-54255735%7C191%7C192%7C193%7C194%7C1a1%7C1a2.697509-54255739%7C1a21%7C1a22%7C1a23%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l.697509-54255737%7C1l1%7C1l2%7C1l3%7C1m*.697509-54255737%7C1m1%7C1m2%7C1n1%7C1o1%7C1p.697509-54255739%7C1q,idMap:1m*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:grpm1,cmr:t%7D&br=u
Requested by
Host: www.dailymail.co.uk
URL: https://www.dailymail.co.uk/wires/reuters/article-9529785/After-masked-bunnies-Belgian-artisan-shifts-chocolate-syringes.html?_hsmi=88974744&_hsenc=p2ANqtz--Uw_Q5orYjasUNS3KrGEf6iKbpJYvCs_BTW_WWtmiJPXW_eQ9N1r9Kc_vca8eAKJoIyj0clnWfJG9S0vcYhEig2VYRb8dvgx9riaXtTAzFY1mFyyY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.234.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:00 GMT
x-server-name
dt63.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ca
choices.trustarc.com/ Frame 42A5 		0
0
ca
choices.trustarc.com/ Frame 42A5 		0
0
cap
choices.trustarc.com/ Frame 42A5 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 42A5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh63uKck-WNyYBXw6X1NC--h_2emm3aC6YmDW8oeqwhctznKQ_0nCCS3jVAsVf_1GY3YNhK0z11h7Y5kvyD4m1opGxRZDm&sig=Cg0ArKJSzKSeDvXHUmI6EAE&cid=CAASF-RosAKOGq7VOK4nhj4o9txCSrT319kD&id=lidar2&mcvt=1007&p=945,1223,1195,1523&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20210430&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3910603722&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619867998370&dlt=167&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link
t.skimresources.com/api/v2/ 		22 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/55199X1584066.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
page
t.skimresources.com/api/v2/ 		22 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/55199X1584066.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dailymail.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 May 2021 11:20:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.dailymail.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
dt
dt.adsafeprotected.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
klkstrm.kargo.com
URL
https://klkstrm.kargo.com/event/boot
Domain
clarium.global.ssl.fastly.net
URL
https://clarium.global.ssl.fastly.net/?wrapper=pkity_Tu7korz-AKdcG26RZexkw&tpid=cGtpdHlfVHU3a29yei1BS2RjRzI2UlpleGt3LzQwNjI3NzU1MjozMDB4MjUw&d=eyJ3aCI6ImNHdHBkSGxmVkhVM2EyOXllaTFCUzJSalJ6STJVbHBsZUd0M0x6UXdOakkzTnpVMU1qb3pNREI0TWpVdyIsIndkIjp7Im8iOiI0MDYyNzc1NTIiLCJ3IjozMDAsImgiOjI1MH0sIndyIjoyfQ==
Domain
p.skimresources.com
URL
https://p.skimresources.com/px.gif?ch=1&rn=7.763893623327633
Domain
p.skimresources.com
URL
https://p.skimresources.com/px.gif?ch=2&rn=7.763893623327633
Domain
klkstrm.kargo.com
URL
https://klkstrm.kargo.com/event/sync-success
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=5731BC14-BF69-4F9B-A889-B31B0AEEC862&addseg=20
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Domain
px.owneriq.net
URL
https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/55986/sync?uid=YI05YgAAlzj4vABg&_origin=0&gdpr=0&gdpr_consent=&_test=YI05YgAAlzj4vABg
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOq1x4km05Jjw2BoP9aDoow&google_cver=1&google_push=AQvitUJufjXIf0Gt26nJC1FNseDPQyTUN446a3mvszd6imvM9ss-l-sKdsIrV59_3sTovkQ1VMFrLUR0S0IhLBZ89wG40EaTMUHX
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGPBDdwvJPtxw2jo32DgBFU&google_cver=1&google_push=AQvitUJnz2yVmcLo57XgmwN4uZmjUI-FPaLYv9WEvLTRecP5SUX9kusmgv9tbTZ5ovaMtJ3HTCMN8MgHidndw8UTBJ8Z2CziSKa8
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-9a9ebb4d-5096-4685-8879-08d2309b2fe2&sid=0
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=tradedesk01cont1&js=pmw2
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=6dt6nwp_mcjg006_sqh3smbl&w=300&h=250&c=c178
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=697509&asId=c10c72a7-e44e-d8af-4335-c404198b1ab4&tv=%7Bc:bmFnEy,pingTime:15,time:17908,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:2704%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:17908,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:2703,wc:0.0.1600.1200,ac:315.197.970.250,am:i,cc:315.197.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15284~100%5D,as:%5B15284~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:245,fm:sw9OZ22+11%7C12%7C131%7C132%7C14%7C15%7C161%7C17%7C18%7C19*.697509-54255735%7C191%7C192%7C1a1%7C1a2.697509-54255739%7C1b%7C1c%7C1d1%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l.697509-54255737%7C1m.697509-54255737%7C1n%7C1o%7C1p.697509-54255739,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=u

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| disableAds object| PageCriteria string| PUSHLY_DOMAIN_KEY boolean| useGpt boolean| ANDDebugOn string| s_account string| s_account15 boolean| haveRenderedSponsoredPollOnPage boolean| useRtp string| twitterVia string| adReferrer string| adType string| dartSiteId string| adAreaSiteId string| adAreaId string| adSubareaId string| adPageType string| adContent string| adSection string| adArticleId string| adEnvironment boolean| enableAds object| webVitals object| RTA function| setImmediate function| clearImmediate object| regeneratorRuntime number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_Media function| s_gi function| s_pgicq object| s_c_il number| s_c_in object| DM object| _ object| MobileUtils string| searchTerms object| dm string| refererHost undefined| docReferrerHostMatches undefined| docReferrerHost object| pagemeta string| feTag object| s_i_anddailymailprod string| molMVTest object| adListLoader object| adsDescriptions object| adsRenderer object| DfpServer object| adsTrackers object| AdIntegrator object| AdBehaviour object| AdImpression function| AdEvents function| openAdsControlPanel object| permutive object| googletag object| pubcid_options object| _tfa object| adsmtag object| __gcp object| pbjs object| _pbjsGlobals object| Criteo string| currentChannelTwitterFollow string| inlineModules object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| _gaq string| articleShortUrl object| _taboola object| Ext string| id function| $ function| jQuery object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| hulk boolean| DotMetricsInitScript function| setKargoCookieClickthrough function| _typeof object| TFASC object| TRC number| taboola_view_id object| TRCImpl function| __trcError object| _fbq boolean| apstagLOADED object| apstag object| ggeac object| PublisherCommonId object| _gat object| gaGlobal function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression boolean| CLOSURE_NO_DEPS object| SpotX object| _tblConsole undefined| msg object| adsm function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| FFF object| adBlockQueue object| ABE object| DMS function| emailArticle function| postToDiggit function| postToFark function| postToFB function| postToLinkedIn function| postToPinterest function| postToReddit function| postToTWTTR function| ArticlePage object| DMArticleDefer object| DMDefer function| videojs number| vdata1619867979944 object| pkcs7 object| Mustache object| TINY object| FFFOverlayHelpers object| s object| closure_lm_954778 function| submitReportAbuseFunction undefined| initialData object| DotMetricsSettings object| placementData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| closure_lm_993720 object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| Kargo object| _tlImpressionBusLoader object| cmTag object| _cm_wfCounters string| lastWfUrl object| tlJsonp95 number| _tlTagsPending object| _moatApi14862356 object| closure_lm_736617 undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| ampInaboxIframes object| ampInaboxPendingMessages

0 Cookies

42 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VWh8fX31TdKtW7ZstM78dbLYxW8ZpTlp4r2CTbN9h9bJB2-Hx1V1-WJV7CgGPxW3Hc7YJ82_jsNW5Z5f4914ScCDN7MyDM347TtfW1Rb1p54DvdTrVxz1vw5TJ8mjW9c5Tg-7vZybqW1tqcP_8y4ymBV88PNM2v0n1KW8Qkk3Y1pKWqDW5PtYdt6cz3Y3W4VqHyT8vFXmBN8QD1zfD2m4XN1BSjHkGtn47W1f0zv86bP_M-W6Ghzz97gT_t-W3KRf1T3QbTgvW1t320X6vgt1wVNcHsd4dz6SQW2B9skM6QSZk6W6Ycn9G7LhwKvW7bRlz_1QG4dxW8flbSB73sn3KW3n_YyT3rjPQZW2YjSfr5gMtcJW74gWz56SxDMbW4BbTw67GMBrcVpk-rH6KXXdCW3PQ1w_56Ly4xW2fqwGK9htbZYN1B3YS4DpYc73kjY1(Line 13)
Message:
toS
console-api info URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.js(Line 1)
Message:
Current log level: ERROR
console-api error URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.js(Line 8)
Message:
[mol-fe] ERROR: Error reinforcing cookies TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
unabled to parse repromptVersion
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
Error calling pluginSetup on plugin 'tcfv2': TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
Error initializing plugin "paidSessions": TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
Error initializing plugin "abe.conversion": TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
Error initializing plugin "analytics.cacheIndication": TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-fe/static/mol-fe-sync-bundle/5.13.0/desktop.js(Line 8)
Message:
[mol-fe] ERROR: could not find Omniture visitor ID
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
Error: Exceeded 3000
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
[players.onlyOneActivePlayer][🔎] giving up awaiting for new paragraph, article might just have ended with no suitable placement Error: Exceeded 3000
console-api warning URL: https://cdn.permutive.com/5f42864d-a421-4f37-9478-00266f871d68-web.js(Line 1)
Message:
Permutive was not initialized. localStorage not supported
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
[players.onlyOneActivePlayer][🔎] Error: No end point registered: ["get IrisTV tags",null]
console-api error URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://storage.cloud.kargo.com/ad/network/klick/klick-dailymail.js(Line 1)
Message:
Could not create local storage item TypeError: Cannot read property 'setItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 1)
Message:
Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32)
Message:
a: 0.001708984375 ms
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61)
Message:
13:19:55,012 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api error URL: https://scripts.dailymail.co.uk/static/videoplayer/6.12.0/scripts/mol-fe-videoplayer.min.js(Line 6)
Message:
### Video ads error [object Object]
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
call for page analytics TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot convert undefined or null to object
console-api error URL: https://scripts.dailymail.co.uk/static/mol-adverts/demo/next-release/a174b6cfc/mol-adverts.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.sportradarserving.com
a.teads.tv
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
aka.spotxcdn.com
am-match.taboola.com
am-vid-events.taboola.com
aud.pubmatic.com
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.go-mpulse.net
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.stickyadstv.com
cdn.taboola.com
ce.lijit.com
choices.trustarc.com
choices.truste.com
clarium.global.ssl.fastly.net
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
cookie-matching.mediarithmics.com
crb.kargo.com
creative.dailymail.co.uk
crta.dailymail.co.uk
cs.media.net
csi.gstatic.com
d5p.de17a.com
da99d92918d493f671c8393ee832c30e.safeframe.googlesyndication.com
de1-bid.adsrvr.org
dis.criteo.com
dmp.brand-display.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
eur-ukp.adsrvr.org
eus.rubiconproject.com
fastlane.rubiconproject.com
fff.dailymail.co.uk
google-analytics.com
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
hulkprod.anm.co.uk
i.dailymail.co.uk
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
info.silobreaker.com
js-sec.indexww.com
js.spotx.tv
klkstrm.kargo.com
krk.kargo.com
macro.adnami.io
mailonline-uk-d.openx.net
match.adsrvr.org
match.taboola.com
mfad.inskinad.com
mwzeom.zeotap.com
odr.mookie1.com
p.skimresources.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.adnxs.com
prod-m-node-3113.ssp.yahoo.com
protected-by.clarium.io
pubads.g.doubleclick.net
px.owneriq.net
r.skimresources.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.c.appier.net
s.go-mpulse.net
s.skimresources.com
s.yimg.com
s0.2mdn.net
sak.userreport.com
sb.scorecardresearch.com
scripts.dailymail.co.uk
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secured.dailymail.co.uk
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
storage.cloud.kargo.com
swa.and.co.uk
sync-t1.taboola.com
sync.mathtag.com
sync.search.spotxchange.com
sync.sxp.smartclip.net
sync.taboola.com
t.dailymail.co.uk
t.skimresources.com
taboola-supply-partners.tremorhub.com
ted.dailymail.co.uk
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
uk-script.dotmetrics.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video.dailymail.co.uk
vidstat.taboola.com
wf.taboola.com
www.dailymail.co.uk
www.facebook.com
www.google.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
aud.pubmatic.com
choices.trustarc.com
clarium.global.ssl.fastly.net
dt.adsafeprotected.com
klkstrm.kargo.com
p.skimresources.com
pixel-sync.sitescout.com
pixel.advertising.com
pm.w55c.net
px.owneriq.net
s.ad.smaato.net
secure.adnxs.com
ssbsync.smartadserver.com
104.111.230.142
104.19.149.54
13.224.105.229
13.224.106.44
13.224.106.70
13.32.21.23
135.125.8.70
141.226.228.48
142.250.185.194
142.250.185.98
142.250.186.66
142.250.74.194
15.237.136.106
151.101.1.194
151.101.13.108
151.101.13.44
151.139.128.11
165.227.252.242
169.50.137.190
172.104.105.5
172.217.16.134
174.137.133.49
178.250.2.131
178.250.2.151
18.156.139.73
18.185.192.106
18.193.33.250
18.195.155.181
18.195.223.2
18.197.47.23
18.197.64.250
184.25.115.31
184.30.21.112
184.30.21.51
185.255.84.150
185.29.135.233
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.86.137.110
185.94.180.124
185.94.180.126
185.94.180.128
192.132.33.46
198.148.27.139
199.232.137.44
199.60.103.2
2.16.107.122
2.18.232.234
2.18.233.180
2.18.234.21
2.18.235.40
2.18.235.93
2001:4de0:ac19::1:b:1a
2001:678:cb4:bbbb::11
213.155.156.169
213.19.162.51
216.52.2.48
23.21.47.204
23.79.143.124
2404:6800:4004:81c::2003
2600:1f18:612b:4264:7659:1bf:d736:fba9
2600:9000:2104:5600:8:48e:53c0:93a1
2600:9000:2104:d000:8:5c85:cdc0:93a1
2602:803:c003:200::77
2606:4700:10::ac43:db6
2606:4700::6812:5ba
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::2006
2a00:1450:4001:813::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:831::200a
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:1a0::11a6
2a02:26f0:6c00:288::16c2
2a02:26f0:6c00:2a6::16c2
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba2a
2a02:26f0:6c00::210:bb78
2a02:fa8:8806:16::1400
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
2a04:4e42:1b::621
3.121.105.52
3.121.70.57
3.122.57.214
3.124.9.99
3.125.253.138
3.126.56.137
3.126.6.158
3.82.234.236
34.241.183.220
34.252.153.38
34.98.64.218
34.98.67.61
35.156.217.79
35.157.13.124
35.157.246.167
35.190.59.101
35.201.67.47
35.210.239.72
35.241.40.233
35.244.159.8
37.157.4.29
37.157.4.40
37.252.161.190
37.252.172.38
5.44.20.105
51.75.198.14
51.89.7.198
52.29.183.32
52.57.128.70
64.202.112.191
65.9.84.12
65.9.84.35
69.173.144.139
72.21.206.140
76.223.26.175
77.243.60.138
99.80.67.138
01ae4bee7f4b463778e1e929d83b4eedcaf598d05ae8e748030259b5b5f0b083
03482ceb4519a7706406f47e5992b55e9e5974abd56c45af482a7e1a09d836e6
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
060b84c1bf53e12b7dbf7e3bc9a16f0b49b3f5f04f23780a68db74a5b9d0eb07
063a084118208011f82e42dd9ca1b611fa5faf5c9e821b8d5344883755882c8d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08cbadc6957dd17b23964ba5763146e595ce4be96dbbb12f297909b1f70eff25
0909bafa804131db2f7e58c3f810a9df87603b094dc90f7d36421f52d0b8f185
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
09cfa1d73642a98b3df37eea490ea9801e0f943d5f48fbcba0b4a274adfa0190
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b7e7d1bedae2fca5895468c68d7a3f06c5fa573a19fbdc1ea4da51441d59458
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bf60782546bae441a6ce4783c2169777d728af37759e9805acbdaa48122cf36
0c7912ff68380c2a84d28cf812215fb6d230d5750f9f67b328970e01d0da5a37
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d39a4928cd2ceb6b231d1cd0a37543490bc01d1c0fa3dd5c39b830cdeac888e
0dbc6e23e0ad3a671c3246813fdf306b803118f2d3a3cc74fdfb97c4bf9e05af
0e3cab5c0fd33b6612d1d8852eeac9df1678260388794fa2cad6fa993355192d
0ebd517a8c218f4b3553fecdd2a81d13d2ed81475b8a188755c7b4cfe67fa1d3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
114ec06707c7a769f1ac17af93d6468bd79c412b1b654c67cf5c1f537955facc
12428d09342658cc26a1b6b21b9d2f495dacf4e80332749d2dc095ca2dd4f160
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
133b3bacacebea730035c2d4391408b8f728329ff8d30ad2ca1a31c13064ec34
148874d39f6b3a8604959f4584ad2bd3c1d9604dea491c80bcde27ea3e2e780e
16c5a237be7793a91007520ce4a4bac39d2cb374d602152dd883bd4b8cfefbc1
1787aacb2efc4aa019d5c714f1bd3dc833f12a25e40e7cbb24b28febc66683eb
17a993dea2476340f54b9c325183cbb3e205cfb599579820da8c1370d214ae09
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ce781952f415504a302be7db44d05aaf6306e103c8ac7da42896488695b289
18e191c43dec608d1fca002d0ba4fb4ba266ebe65996e8d0630d9c4f061921ae
19261f4b4e4e062664871b2d3837b4ce34a65c6e958f6fa8a31be2e876a65f2c
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c79b1f71dae647c333ddab905a2900d30c304c6538f327280b6cd2a3d291547
1fb2f23d1d0c536c1c4b208a19d98a74329a20ebebed72cff7046393f16846ff
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
220ef54267de85bddcdc870d2bc59ac81bbd4ee94c3676d9fd551153da43d61c
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
256588948466e978e3e24939b7cdd4fd37a81a7abe954d4d74d64e447dd9afc4
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
299721258a5ed91bfd24026f566cce2ea21e3daf377a0891e5711b98507236e1
2a2d04bb04d52ca53c1aaf2f8de8574e929f1136e08c828f36bfe0b03d588835
2ae4f287a8cc4e78d19785c862433cf8076b19a845b547827371df9db9f35749
2b4c51e20c3a25b89f20b99c844bb6e40eb5466714ade210863e8e2896c4c962
2ca29363c249440ba24111b07e83d1c723d013d039a1bfd9ad3b6fa77168c9e0
2d88ce65d8baa15a95cf29ce4051608a58f17abb661083c13b3ef9d2f9cbcc7c
2df87bed09669cf774e92facef9885402d620431463aa58fec771a2f2ab13f57
2f59ac8dad7d832c75edc7cf917c512a3788d03ce0862b38c1bfccc54eb01d10
31f2b7d63be15672e28920924199ee7c45af9aaa0264b8f1bc967e924a89fb71
336dcb93aaaa41e47c5c3c97a5eead2f11cb13bbea1258302b31e8d878051fa4
3381376497b5b338f301a29f4b399d81331e55a568f02df5db466149e5826f13
3c0306dccdca01e0d30f9d03e8edc86552b9b3c1b5f1f2d9b262fd9025cec637
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e589793e1e9c8b771d00aab364191ca3662933e89a37822e495d6507b0ad1f7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5cad83cc6708632a79adb075c9624c48576616011ab539f3a6a5fd5e2fe9b7
3f7f300f6aee3d3e76842f0545c149cd6fe835c2f9290ce1a19526e5356cc329
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fec21ad311f24b8f3aff8103bf76301ded15af23a7838e736439b131d07b212
423bbc65ad9d29dbe980ebaee9f8fc188ff52d36ec83e2e361c252a3ec333a4d
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4717410c1ef684a572d4662c8bc6860a753e6ea7e9640d699c4f2a0e4d08c9e2
481fccb8c7af1757fd4746a1a7fd818c6a3a82e2f1048f31358d6e6339b2b156
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49c9828a7abac5e237aabb2f4af9c17f4f66f7b6446fc84cb7e8868f0fe8c829
4a8fb38a9ffd6c70859545fe16b4bde2e8ddbddaf37586f8727402d25a50fd79
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcbe28c69dd269aad5a4136091655b9984e79f834c7c70279e2c3180da78ff5
4c3cce7c2373fc4acb18cddf35cb7c8b28fea5e8ba592c520168c79a05cdb7b4
4c5529c7339c4bef0e8b52e56c609607600040a2d6423060c21075d58ded81e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e89866ffba8b06a31d366ea9f6f5331f87fe29877bfce5381b78a46ddb7fd19
4eaa63fe224cad73f3348b716855de0ace8a3169abfc0d7b2845d083172f53dd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f989db91b6d3409724a2653e7ab57170232aa6cfcf2dae0a229ac453ccc932f
4fcc407303f5f8b69da23d51842e3cf7d137e13d93e54599ac667a8cb410d1aa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521a55eda34d69a18f2450b0bcb0abd3b02ed8ece6cf788568ba5a8ce17ed267
524172820f1e16e4d6fd4caf87122caa02a45062928aef32afbbd5ab1a825566
5268b13e4083e880105c48eb2350799a7a73ccd3653d458d9e4296a7e8b59c06
52efd6959ae8fb441d9b7bce3624bcbda0b601316751028b16b31484124019c5
541c63ae81fe7799a19523dc8f2500646043eaa70d36985c3f2fc86264e4e71e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ac332dc42d47f18809130ee91be50fa5c4fe29a36b93de55f0293ba6dff416
5662b58830ab9ddbde71a3884a9919785474f902569f426d7c37cabdc8032207
570bb995124975019ed4b5be0581045b5720e319f83af03806dba96cf797db0d
57594dcd51835dd92cbf5bbadbb088ed6d3e987658cc618665d36d9c5e0b8061
5887b03f44a197fcdc5400caec10de1c69f29619c1fdc868d4d461130e0f9efc
5cfa26c3b2245921ed8900f3d9345c0ea6fd41f31f6322811ecc8ac86569d635
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db293d683037bfdacab006bd2c9c1c80e854b99b8540a516d0dc35deda16f47
5e8aeb859e55a6671b89115d84e0fd7e5435ea99b3b49e7ebd3d4c22e41185e8
5f377305321545d6bcc612aed845c3b6982a52482d92df97fd7905dbd0d73f63
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
62675c01ca7a9e7af102c699f55fa970eee7f0106984839722e018e733744c03
62946642cd145d13a817d8fa5fccfa08ac7a27b20dac836159c6ce0e6ae07a81
62e5b5020499d0dbd26922152f199b559ee4922d9132b4242364edf88dc63121
631d0d915e88ed5a537a9d18107d8d944b7f5f6e7b22d75ddb174cdb65092e27
63f069d1fb3fa6263a6def2576d4fed2f8f161a21477390f03501578499dc84c
64024a86bb051953d9410fe2648b026f5d2060cd4719001a053ee143d8847cf0
642a4f82a2ec7338ddcc53a79ede06dd129cdedef7e4b101db03af992bbe0940
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
67ad4d306a24190090dcf06e862493513527c0f52690b97e03a09339c4857bba
6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6
6924aeec6e6de01dfd439327c170d8adc2f9dd8415e9903e3b24f2c3b6506389
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69596c3d04dadbea44e08cda9497db53593ae425026fc8b124968891d56628b9
697d6bb9fd14c8ac3d6278c9c0a67d7fbe3f4b8c8fbdeec0d488d2ac6ec204de
69b1d5b1045c0801b1c3edaccf745f7ebdb2a128dfb22ef1e10c6a18dcb39e23
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8474a0f9c6b3c69e02409f7eeb8faa908b8b18e64fdf7cc88a9129585fc7c3
6bc89bf5b7cca649733efaf7dec08109b5371ecc76fe28cc7b52e83fcd5c0601
6cd3e57958fff1231b06f2b4db548a9be8702477debe8aed33fbb0329e75cb30
6dd591aa90531d89727f63bbb252dab5d88dde8dc23af6b1f57afdecae2eee16
6f5f82397546652004d9f320804e46ac4cad3465ecbc1d78f850c5ab450be737
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
700c258f4975230e604cd13759cbc6527165077339caef8f8d2cfa3f0c6f3adc
703b3df998bdb71d329c999f11d766507118d77b2507d7a097ad8107b915bc94
7065188085b63635ea211954d714fffc8d2ad4555de60cc6492b638769eeab2f
723049a80d7c8ffab8a91f797c9dced4ea4762586fe922478a19c2cdfd4aaf50
726f186f749f04093f8f5442915fcfcdaa41e9bd78498c0523a52a5a7f1a282e
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
743a6a4125121c2f183f8ec197fe6277221dde7eb26effc9a6e605dc0c68bff7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
766c30b8b4535c0c25d430cf10afeb425699c6b003f0d3d45114369e8879d633
77f951b4aefa28403632bfc068196aaf2051e44078527250c041ad4930d4e186
7987f06211abb460b6da41416c608ae309378d5f1ead5c75d287b503a11af895
7a745591034534431b4e5e32815599cef3101631f9e6a9052a687d96dac1a3ea
7b445c83161b602511d65aff8f29308c3e90187bfe5b9b7f0d1844d399e75cfe
7be7e1b14cfccb20bc6cf40de595e1a6ea0d925082b2fb3d432d130ad0981ed5
7cd1fd9aae4554ff3bd0d292f979faafeffc87e4fa830d58f607549a9d5a5ea8
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ecc225ac537349228900abe7b7b30a6e1612b3d7b8011d526ad609dc4062a0f
8037a86a7e8f1da2c1e314d037a3af02b25696963aaa39f6b81c236d5f59ce09
8049ef3773c582d7eabc23fe73d28d5c60421adbd5fbda49e38f096891182cae
81ee11f8c5e5ef5a7f3d4bec479736b89b9470e77f0d281923bb67ba362f9577
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835f1dfc4109c578b77ba1b24a70cf3c07e73440aa65a94c329c29f763423bc5
8543a7318d934abb59e5167572998529ea2cc66f1335189aea7d8039f7c1b260
85d54a4894439469eeac485118e1933842ab63b2a1777501f5caa1b38a03022f
888db2f2fdff7b451b5f49a60c5911f37c8c759b0abfb7a09bacc59042c5c835
88cbc108043a4e4be9853ec26fb75338fa01546430bf9ee1ff83e697f47438ce
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89b6173a2468b8339a3f887a94cce3591130d98ed2a15c418c870ba98e0a2047
89db1083db4741cbb8efac4796e50b7b8ff0f16c459fa9b8ce91089e6c8f3b41
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a768639a525014229e8ffc891e4667d02da7e2f3d37259072fe3dde1def9811
8c3d6f983cfa327c5bd72cf1758aad3f7a70f3e3895e0939c1f34c803377795a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8fc03ee75325911fa952d8c176671e6254779221cd1432f2675ec3449489ef67
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e
9263db0b2c4f539e35eb38263ccb29c19123f3fd6b845ae2808bfe6b6a81f867
937a6772f22494611163711b3be596523a70d4352fb2f1126242c8b5265e4285
94597c556eef4fd01fe311a447e7669584180256fd43b20d63891a163816283e
9477c7c5e3bde8486b460eae7c614096db478d2fe558511545769acf955b1883
95d607220b1d2e7808de3ec9a6381a11f036d9d84f37f7b3a604b1f91e8d4ecd
965d8f580475533a5f086cc3d84c5b50b3dde5cde78959fb2a1261bcbc8e34e7
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9752950eb7827c079b475d94b918caecce5c4bbedd4569100a8cb25f08cb5ae7
981793c8e58a9ebc2fa825db3f2e1de282a682d2158238d497cca1af74844116
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f2c6d677dda757b8c5486a21721ead1ecd4d722331a05de85e4b530be096c5
991cd2d69556d771f42364f7b0f3c31c26839438d4be4ee7daa286ba6d5aa921
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca078abb8a5179b1eb392261e89c883c62765b4cb4c7fe026955c7701569e03
9d701bd91c5953c8bb6e194644fd8edde2f7d0b28a242add279f9b26a04fb36b
9dff2251abbde2c57b87b8e340e8cc695637fa72f8ff311c61c37b97ec5810c1
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a00fb0c50741f81bb51d35b4475a4357f8039aabd896a21036bc516839401595
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a3aa2a0aa71c8aabdf1a044c3e0e1c70679aaf8a90552a2444f02510949ba223
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67c12faf4b06f2d477080460684bc6552c982a5e29441020a602727ef4163d5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa311626bcbad0472a847cbf26d5f3e661504a0d3c0650ba6ae9391e63fd2f75
ab58c78dfb722588d6b50436765847f9fa48ceaf740d3b7a71a47b4751c4d439
ae96e5ce3be586ef11595217226c38acf52b69e3d5b539d01c8f6a3d88f77f15
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
aedf94ad839f3db31848e2b9659dd2b576b7047ea6638988aacfd782df9d8c8c
afd2447f77118df6fd4b8710c2b23e7bb4edb557795c643e3d8a7c12df4e6586
b0a9ac514283709cb85750e1a15f4ed549be7d0caa7711a70a3249d15538ac44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b27cc2654c00d737f49cb68b74ba7893c151612b1ad52543f4691f67db0cdf97
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b7059139aec74a5f68b849c37e43e298d256896d8589cd3270cd12e9ff625160
b707cea228ebd1afe82a1840449e8c14d79bb62ec828d1ca7c3b6832a6905133
b8944e3a4bfa1bb3974a9e35f47acd7878cec7b4ab6b1cb3df9531709eda1781
b9139a1037fc1da24590c55c9f12e7858663f52ba30bec69484aa948b3fcdf46
b94472d780db3b45c0920bb2dbd0cb57660d80671491ada0ef15776f3de9e812
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5d20fb49d4787b61ceec7d24c5b417a21aa0356703616191a79bcd97f048ea
bbc4caa1ce5f1010fb707cff14d70ad9f0aa9409d9e19206c1e8b84abc76ca12
bc1eee1350d1c547ca6ee337f6cdf21fcf6468d829dcb672c48580cbb6d1e2c7
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be6aaae29a207bdea28a1e545c6f5652abcd30845290ec990892805c895d78f6
beb8f13e1d8ba94cff41b15550fb8091ebd72488d9f7a9bb72345d34427cfd66
bf22080af1dd5b7d5275ff3b9759a571e9a765d096201d937eab3380aac10de5
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36043d0e048cedc43144411dcd8a8f1e73a40d225e2d016ff86c2f9b497cdc6
c64308e6ed3ab4dc8c78868174040d8d09546ea9e6ab19682285a675897edc98
c69312b8ec1db3066e5c4be932dc343b2c46c3159fd46fb541b5089594019763
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
c955ba1b5002911b8b5670fee7c35d7011701b16266fc6b758602bbe8de7a5cf
c9ca2b473cc45fa4036a0c7997c7de0d9f4e901f76c30351e1c5ff4e63af2fdf
ca19429f9a71b3c68846025f6f1f047f4ab82e2349ce51985b96f28b51c7f3ea
cac02a41a2bf9640f0589a7172a8ba71ce49e15446c46898b1161f89f71f0006
caefdcc9ae00a197310c0e74d02cc5011a10cf2f7494a3c6e28cd68dc7c37540
cc12e20bb61f4ab29d21ebecb788801a53dc24a26436829643f4f185282c3330
cccd27e6ee6911220469b229c3914a88d4f67c6cfef53e4b83d914db42b71b57
cd392f8ba24ac89ef844e3cbc8f20ce60c90e296271b312288668d9520080ba0
ce03ad949eaf22f8146d090a7491cbd5130e48b064467fa71b8099675d5b9c7a
cf2c60e78ef72d44ad6f2f6aaf2f88dd75bb63e8f5d0f09e9e56683bb7a1c943
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff7b5273b2ec8ea689c393cf49341a0118f75bd50ca1c0e7bb8f2c45de1b0ee
d009655670a3a5788c8722fa9896d54ace8b48c4319f33d60fcfba1e80b7c885
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ccf366564444da20f7e2c5d48ca9fff9ebc3c8487bb425cd8945ae4f27e990
d0da92d842a959802c464ac9dc02b288c5e51f990a9dc3a8a8e4b0c09537cb84
d22db0c10b025e174bf06ed9cf8f47795e69630e8226c3e0d4ba4b8b22546171
d267fc1d47c7dee550e5ae2f19b275fa7cd1b7fd2257269c9e694609adff60d5
d2c99319671e2e748cbd71c89d563843efc0cd38d9f300c6f7faac9ac8cdc427
d34e8a1a381b203e3d1f7c6ed4f077038e91782ea254c7a7e4785462147a385a
d43ac5826a74f4e5dcd9435aabe994b89a7e2030babd441463c621e96eec0375
d4e19725f2267ea85db18c1072e6cad9ce5e3de2ca1184e3c780d415abba9e4f
d627fc5be72dfcfce4a1784ce0e2e4e19dfc2ebf102319fd8934e87c714052b4
d6f895e4a85f1ec4d67f8b7aa182b7372d8a0f5da65dabdd3982631c6968318f
d6fa7c39b1d5e288c739c3a225a90d0698798485d5b17c1350dc17925942b841
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
dbc991c489fc2146df3283bc340a50f0565f10b26228478611eb01846d4d66b1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb104bfc7f551e36f4e7f6dcc3f74ed535f9cafada05fb7a48020cc47dc097c
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
de52e73b5138812fe661972462e6b386f2a5dddb33cb33ab5e270f60e29d4258
deb959c047f364b4d81eb0b735fd60c7172cb808ddad43546948d90a38ad362e
deef54012688c585c9aa7b366318eba4f35e6077f686c9c0b79198f62696c566
df1a482c68871ba4b896ed0cd36c7e729ff9fcd189b145db294c2ace16436bb3
dfb749c8597c2c8686580548520a1575a8026ed3efda320792bc9f5bc8cd246a
e10b8022172af8e401d3912fe626d8f45e1d7ae3eabb61500fadb58fa98da964
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e38e68aab307f198623a6fed86aae6773f4cc3c7ed85e4fc3f02a112674c8e36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e87ddb32954308d92eca6501ea254cc5b3924b0698b15723a6f84cfd408a6ee4
e897fa4837867825de599b2129d0d7466ae13eb94895ea6dc2dd217e83e7ea74
eb220de9cea3da2a7fa26633deb965bbc698d3ab653a2e69da2d408ee7027ca1
ec68a7c7f7f4785edef5acbcabf10afe4574eeaa3114b4c9f583b4e3ef376bd8
ecb4f50d3c9733fb6ad76016cbf992cdf87bb37db17e3c28c9437fdbab666233
ed7539ba572c3c474cd8e551c4d790eccc25d2d1a6dcab7fc51143ea00c0a710
ee403944cf9c0065eee14f507f8eb887d8e333c8627d7347e137380f46a88938
ee80e2de5c026fa3c0786f587eed85d1521d50ba1aba027c2b0714c108c351a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17cf1cb73dc13f928ef0122375fe550926a471e46d614199bfe8ef69733437a
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4be37ae6f3da730d311ea6ff931acc51d1ae189ec3c2d28869cb00e536605cd
f650676047609c72f3c893b13a7148916bb0a9a5ff1f6ca9c531d07038ba31ae
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6c41b3988953c9e13249914a65ff7b33409da5cb33f4af180f64384c9a4adc9
f9b57d922e723433102274c955b2860cf006840a66ab56c4e2ea7d982316949b
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe92185d07ca1bdd4c5fb355805bd21b3d46fe37b1d99d453c33716de45b382b