URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Submission: On March 31 via api from SG

Summary

This website contacted 84 IPs in 9 countries across 72 domains to perform 302 HTTP transactions. The main IP is 23.79.129.80, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.telegraph.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 16th 2021. Valid for: 5 months.
This is the only time www.telegraph.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 23.79.129.80 16625 (AKAMAI-AS)
1 2a04:4e42:3::621 54113 (FASTLY)
3 13.226.159.111 16509 (AMAZON-02)
37 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 23.79.136.18 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
5 2606:2800:234... 15133 (EDGECAST)
30 13.226.159.26 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 13.226.159.42 16509 (AMAZON-02)
13 76.76.21.21 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
4 13.226.159.114 16509 (AMAZON-02)
1 10 54.154.123.210 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 146.88.138.85 33438 (HIGHWINDS2)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 15.237.136.106 16509 (AMAZON-02)
1 1 54.171.42.33 16509 (AMAZON-02)
1 34.252.166.160 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 13 23.218.208.246 16625 (AKAMAI-AS)
1 148.64.56.69 200981 (GRAPESHOT...)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
31 2a04:4e42:1b:... 54113 (FASTLY)
1 3 184.25.115.49 16625 (AKAMAI-AS)
1 151.139.128.11 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
1 99.86.3.55 16509 (AMAZON-02)
1 64.202.112.127 22075 (AS-OUTBRAIN)
7 35.190.14.224 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 8 37.252.172.36 29990 (ASN-APPNEX)
1 23.37.38.181 16625 (AKAMAI-AS)
1 34.98.64.218 15169 (GOOGLE)
1 213.19.162.31 3356 (LEVEL3)
17 52.17.245.189 16509 (AMAZON-02)
1 213.19.147.210 3356 (LEVEL3)
1 178.250.2.131 44788 (ASN-CRITE...)
1 184.30.21.51 16625 (AKAMAI-AS)
1 142.250.185.98 15169 (GOOGLE)
1 3.222.213.29 14618 (AMAZON-AES)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 35.190.59.101 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.200 13414 (TWITTER)
1 18.198.69.109 16509 (AMAZON-02)
1 178.63.12.147 24940 (HETZNER-AS)
6 11 69.173.144.138 26667 (RUBICONPR...)
9 11 142.250.186.130 15169 (GOOGLE)
7 34.76.9.209 15169 (GOOGLE)
1 2 35.156.153.71 16509 (AMAZON-02)
1 35.205.136.23 15169 (GOOGLE)
2 5 52.18.90.176 16509 (AMAZON-02)
4 4 3.124.88.100 16509 (AMAZON-02)
2 2 34.245.253.34 16509 (AMAZON-02)
1 94.237.48.86 202053 (UPCLOUD)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 23.37.42.132 16625 (AKAMAI-AS)
2 2 216.52.2.30 30282 (AS-INAPCD...)
1 2 52.46.130.13 16509 (AMAZON-02)
1 1 34.196.186.87 14618 (AMAZON-AES)
1 192.132.33.46 18568 (BIDTELLECT)
1 135.125.8.70 16276 (OVH)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 185.29.132.68 30419 (MEDIAMATH...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 18.132.239.61 16509 (AMAZON-02)
2 2 52.28.38.50 16509 (AMAZON-02)
2 2 52.49.202.212 16509 (AMAZON-02)
1 104.16.68.69 13335 (CLOUDFLAR...)
3 23.218.208.200 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 213.155.156.167 1299 (TELIANET ...)
4 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 159.253.128.183 36351 (SOFTLAYER)
3 185.64.190.80 62713 (AS-PUBMATIC)
2 2 37.157.6.253 198622 (ADFORM)
2 2 18.195.73.36 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
1 1 18.185.199.226 16509 (AMAZON-02)
1 1 37.157.2.237 198622 (ADFORM)
302 84
Apex Domain
Subdomains
Transfer
68 telegraph.co.uk
www.telegraph.co.uk
static.telegraph.co.uk
secure.telegraph.co.uk
cf.eip.telegraph.co.uk
cf-particle-html.eip.telegraph.co.uk
tcf2.telegraph.co.uk
smetrics.telegraph.co.uk
2 MB
37 adobedtm.com
assets.adobedtm.com
172 KB
30 imgix.net
barnebys.imgix.net
460 KB
17 the-ozone-project.com
elb.the-ozone-project.com
42 KB
14 rubiconproject.com
fastlane.rubiconproject.com
token.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
20 KB
13 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
104 KB
13 barnebys.com
widgethost.barnebys.com
images.barnebys.com
154 KB
12 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
35 KB
11 casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
10 KB
10 demdex.net
dpm.demdex.net
tmg.demdex.net
13 KB
9 quantummetric.com
cdn.quantummetric.com
telegraph-app.quantummetric.com
telegraph-sync.quantummetric.com
63 KB
8 adnxs.com
ib.adnxs.com
7 KB
8 skimresources.com
s.skimresources.com
t.skimresources.com
p.skimresources.com
r.skimresources.com
16 KB
8 petametrics.com
cdn.petametrics.com
query.petametrics.com
69 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
229 KB
5 adsrvr.org
match.adsrvr.org
2 KB
4 3lift.com
dmpsync.3lift.com
eb2.3lift.com
2 KB
4 tinypass.com
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
131 KB
3 adform.net
c1.adform.net
cm.adform.net
1 KB
3 yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
1 KB
3 cxense.com
cdn.cxense.com
scomcluster.cxense.com
33 KB
3 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
583 B
3 openx.net
telegraph-d.openx.net
rtb.openx.net
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 jquery.com
code.jquery.com
88 KB
3 indexww.com
js-sec.indexww.com
17 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
139 KB
3 youtube.com
www.youtube.com
img.youtube.com
52 KB
2 avct.cloud
ads.avct.cloud
1001 B
2 bidswitch.net
x.bidswitch.net
975 B
2 fiftyt.com
visitor.fiftyt.com
994 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 bidr.io
match.prod.bidr.io
1 KB
2 360yield.com
ad2.360yield.com
683 B
2 mathtag.com
sync.mathtag.com
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 criteo.net
static.criteo.net
51 KB
2 crwdcntrl.net
sync.crwdcntrl.net
998 B
2 advertising.com
pixel.advertising.com
600 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net
51 KB
1 sharethrough.com
match.sharethrough.com
260 B
1 simpli.fi
um.simpli.fi
609 B
1 zeotap.com
mwzeom.zeotap.com
594 B
1 districtm.io
dmx.districtm.io
409 B
1 agkn.com
aa.agkn.com
380 B
1 rlcdn.com
id.rlcdn.com
66 B
1 dyntrk.com
gu.dyntrk.com
215 B
1 bttrack.com
bttrack.com
380 B
1 advangelists.com
nep.advangelists.com
232 B
1 akstat.io
684dd30d.akstat.io
205 B
1 beemray.com
adobeaam.beemray.com
1 exelator.com
loadm.exelator.com
324 B
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 barnebys.sh
analytics.barnebys.sh
389 B
1 permutive.com
cdn.permutive.com
1 chartbeat.net
ping.chartbeat.net
169 B
1 teads.tv
a.teads.tv
251 B
1 unrulymedia.com
targeting.unrulymedia.com
276 B
1 outbrain.com
amplifypixel.outbrain.com
256 B
1 dotmetrics.net
uk-script.dotmetrics.net
3 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 googleapis.com
fonts.googleapis.com
741 B
1 grapeshot.co.uk
telegraph.grapeshot.co.uk
839 B
1 googletagservices.com
www.googletagservices.com
20 KB
1 omtrdc.net
telegraphmediagroupl.tt.omtrdc.net
4 KB
1 everesttech.net
cm.everesttech.net
517 B
1 facebook.net
connect.facebook.net
23 KB
1 polyfill.io
cdn.polyfill.io
253 B
302 72
Domain Requested by
37 assets.adobedtm.com www.telegraph.co.uk
assets.adobedtm.com
30 barnebys.imgix.net widgethost.barnebys.com
30 cf.eip.telegraph.co.uk www.telegraph.co.uk
cf-particle-html.eip.telegraph.co.uk
cf.eip.telegraph.co.uk
23 www.telegraph.co.uk www.telegraph.co.uk
17 elb.the-ozone-project.com cdn.quantummetric.com
static.telegraph.co.uk
elb.the-ozone-project.com
ads.pubmatic.com
12 widgethost.barnebys.com www.telegraph.co.uk
widgethost.barnebys.com
11 cm.g.doubleclick.net 9 redirects
9 dpm.demdex.net 1 redirects assets.adobedtm.com
www.telegraph.co.uk
cdn.quantummetric.com
8 ib.adnxs.com 6 redirects cdn.quantummetric.com
7 telegraph-app.quantummetric.com cdn.quantummetric.com
7 token.rubiconproject.com 5 redirects
7 query.petametrics.com cdn.quantummetric.com
www.telegraph.co.uk
5 match.adsrvr.org 2 redirects cdn.quantummetric.com
ssum-sec.casalemedia.com
5 platform.twitter.com www.telegraph.co.uk
platform.twitter.com
4 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
4 pixel.rubiconproject.com 1 redirects
4 tcf2.telegraph.co.uk static.telegraph.co.uk
3 simage2.pubmatic.com ads.pubmatic.com
3 ads.pubmatic.com elb.the-ozone-project.com
ads.pubmatic.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 t.skimresources.com www.telegraph.co.uk
cdn.quantummetric.com
3 sb.scorecardresearch.com 1 redirects static.telegraph.co.uk
www.telegraph.co.uk
3 code.jquery.com cf-particle-html.eip.telegraph.co.uk
3 js-sec.indexww.com static.telegraph.co.uk
ssum-sec.casalemedia.com
3 smetrics.telegraph.co.uk assets.adobedtm.com
cdn.quantummetric.com
3 cf-particle-html.eip.telegraph.co.uk cf.eip.telegraph.co.uk
3 static.telegraph.co.uk www.telegraph.co.uk
static.telegraph.co.uk
2 ads.avct.cloud 2 redirects
2 x.bidswitch.net 2 redirects
2 c1.adform.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 eb2.3lift.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ad2.360yield.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 rtb.openx.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ap.lijit.com 2 redirects
2 eus.rubiconproject.com static.telegraph.co.uk
eus.rubiconproject.com
2 static.criteo.net static.telegraph.co.uk
cdn.quantummetric.com
2 sync.crwdcntrl.net 2 redirects
2 dmpsync.3lift.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 pixel.advertising.com 1 redirects
2 r.skimresources.com 1 redirects www.telegraph.co.uk
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 p.skimresources.com www.telegraph.co.uk
2 www.google-analytics.com www.telegraph.co.uk
cdn.quantummetric.com
2 experience.tinypass.com www.telegraph.co.uk
cdn.quantummetric.com
2 www.gstatic.com www.telegraph.co.uk
2 www.youtube.com www.telegraph.co.uk
www.youtube.com
2 secure.telegraph.co.uk www.telegraph.co.uk
secure.telegraph.co.uk
1 cm.adform.net 1 redirects
1 match.sharethrough.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 dmx.districtm.io
1 aa.agkn.com 1 redirects
1 ads.yahoo.com
1 id.rlcdn.com
1 gu.dyntrk.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 gum.criteo.com static.criteo.net
1 684dd30d.akstat.io s.go-mpulse.net
1 adobeaam.beemray.com
1 as-sec.casalemedia.com cdn.quantummetric.com
1 telegraph-sync.quantummetric.com cdn.quantummetric.com
1 scomcluster.cxense.com www.telegraph.co.uk
1 loadm.exelator.com www.telegraph.co.uk
1 syndication.twitter.com platform.twitter.com
1 www.google.de www.telegraph.co.uk
1 www.google.com www.telegraph.co.uk
1 analytics.barnebys.sh www.telegraph.co.uk
1 stats.g.doubleclick.net cdn.quantummetric.com
1 buy.tinypass.com cdn.tinypass.com
1 cdn.permutive.com static.telegraph.co.uk
1 ping.chartbeat.net www.telegraph.co.uk
1 securepubads.g.doubleclick.net www.googletagservices.com
1 a.teads.tv cdn.quantummetric.com
1 bidder.criteo.com cdn.quantummetric.com
1 targeting.unrulymedia.com cdn.quantummetric.com
1 fastlane.rubiconproject.com cdn.quantummetric.com
1 telegraph-d.openx.net cdn.quantummetric.com
1 htlb.casalemedia.com cdn.quantummetric.com
1 c.go-mpulse.net s.go-mpulse.net
1 fonts.gstatic.com fonts.googleapis.com
1 amplifypixel.outbrain.com www.telegraph.co.uk
1 uk-script.dotmetrics.net static.telegraph.co.uk
1 static.chartbeat.com www.telegraph.co.uk
1 s.skimresources.com static.telegraph.co.uk
1 images.barnebys.com widgethost.barnebys.com
1 fonts.googleapis.com widgethost.barnebys.com
1 cdn.tinypass.com experience.tinypass.com
1 telegraph.grapeshot.co.uk static.telegraph.co.uk
1 www.googletagservices.com static.telegraph.co.uk
1 telegraphmediagroupl.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 tmg.demdex.net assets.adobedtm.com
1 cdn.petametrics.com www.telegraph.co.uk
1 cdn.quantummetric.com assets.adobedtm.com
1 connect.facebook.net www.telegraph.co.uk
1 s.go-mpulse.net www.telegraph.co.uk
1 img.youtube.com www.telegraph.co.uk
1 cdn.polyfill.io www.telegraph.co.uk
302 113
Subject Issuer Validity Valid
www.telegraph.co.uk
DigiCert SHA2 Secure Server CA
2021-03-16 -
2021-08-07
5 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-25 -
2022-03-26
a year crt.sh
static.telegraph.co.uk
Amazon
2021-03-10 -
2022-04-08
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-08 -
2021-09-30
9 months crt.sh
secure.telegraph.co.uk
GeoTrust RSA CA 2018
2020-08-11 -
2021-11-10
a year crt.sh
*.google.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
*.eip.telegraph.co.uk
Amazon
2021-03-18 -
2022-04-16
a year crt.sh
akstat.io
DigiCert Secure Site ECC CA-1
2020-05-06 -
2021-08-05
a year crt.sh
*.barnebys.com
R3
2021-02-11 -
2021-05-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
tcf2.telegraph.co.uk
Entrust Certification Authority - L1K
2020-07-20 -
2021-07-30
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-17 -
2021-08-17
a year crt.sh
cdn.petametrics.com
R3
2021-03-11 -
2021-06-09
3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA
2020-09-17 -
2021-09-17
a year crt.sh
smetrics.telegraph.co.uk
DigiCert SHA2 High Assurance Server CA
2020-05-11 -
2021-08-12
a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA
2020-11-02 -
2021-11-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.grapeshot.co.uk
DigiCert TLS RSA SHA256 2020 CA1
2021-02-09 -
2022-03-12
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
imgix4.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-26 -
2021-09-11
6 months crt.sh
imgix.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-08-06 -
2021-08-07
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2020-09-10 -
2021-10-12
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2020-06-01 -
2021-06-02
a year crt.sh
*.dotmetrics.net
Amazon
2020-11-23 -
2021-12-22
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.liftigniter.com
R3
2021-03-28 -
2021-06-26
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.ozpr.net
Amazon
2020-07-05 -
2021-08-05
a year crt.sh
*.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2020-10-16 -
2021-11-16
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
teads.tv
R3
2021-02-18 -
2021-05-19
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2021-03-02 -
2022-03-01
a year crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA
2020-03-11 -
2021-06-10
a year crt.sh
*.barnebys.sh
R3
2021-02-21 -
2021-05-22
3 months crt.sh
www.google.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
www.google.de
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2
2019-05-17 -
2021-06-25
2 years crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA
2021-01-18 -
2022-02-13
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.beemray.com
Go Daddy Secure Certificate Authority - G2
2020-12-14 -
2021-12-23
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2019-03-19 -
2021-04-13
2 years crt.sh
gu.dyntrk.com
R3
2021-02-09 -
2021-05-10
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-05-05
a month crt.sh
districtm.io
Cloudflare Inc ECC CA-3
2020-07-01 -
2021-07-01
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-03-09 -
2022-04-10
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-10-30 -
2021-04-27
6 months crt.sh

This page contains 19 frames:

Primary Page: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Frame ID: C6ACEC91CF4975B6204B4D0CB0B3B916
Requests: 148 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/GHENT-R5DY7-KAG4V-6EY7K-3RGVU
Frame ID: 983755E6AA3FC909C53B075FC1F45D2D
Requests: 2 HTTP requests in this frame

Frame: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Frame ID: 8A712F6B1397FD2F199C4660A501713F
Requests: 12 HTTP requests in this frame

Frame: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Frame ID: 9C45FDED8C68D7D6D8566170B76DB761
Requests: 11 HTTP requests in this frame

Frame: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Frame ID: DB9772FD32416D4EF1F383919A105054
Requests: 13 HTTP requests in this frame

Frame: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Frame ID: 07643F29AE182E5286F35D8D07F87E4B
Requests: 46 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.telegraph.co.uk
Frame ID: 8C420ADAB802FC39C1EE4EA6F310850C
Requests: 2 HTTP requests in this frame

Frame: https://tmg.demdex.net/dest5.html?d_nsid=0
Frame ID: 370D5E8B7CDC24B83EA93C85C41D0265
Requests: 10 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.32956970042614997
Frame ID: 553E40B5D31839F5884F10ECADAF8572
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.telegraph.co.uk&gdpr=0&gdpr_consent=
Frame ID: 6689AD224D9B62089E7212F7679CCA12
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F51201003B03B339BEB0E28EB63ACE7A
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&publisherId=OZONETMG0001&siteId=4204204210&cb=1617194554374&bidder=ozone
Frame ID: 803A7C17711F692E8A4C475FDFCC2FFA
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 56815F069F0BB128BC63C827642DF909
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4077362E7F5705DFDA1034C22A422752
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: F20AFC0D2A8626CAF8954CCCB9AC3D8D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3630DD54B23352EB610A8EF5F564D4DC
Requests: 14 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2628316156748137509
Frame ID: 497D4CCFD78A83F418C65224C882A105
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 600F7AF6BF015E791CDBDF3EABCA33DB
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30
Frame ID: 79FCA6C2C0564F183B94F75D133C1B97
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

302
Requests

100 %
HTTPS

27 %
IPv6

72
Domains

113
Subdomains

84
IPs

9
Countries

3758 kB
Transfer

9180 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://cm.everesttech.net/cm/dd?d_uuid=22164234260906839360468712829451087008 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGRuOQAAAJN-ACkN
Request Chain 199
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035736&c3=&comscorekw=technology&ns__t=1617194554180&ns_c=UTF-8&cv=3.5&c8=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&c7=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035736&c3=&comscorekw=technology&ns__t=1617194554180&ns_c=UTF-8&cv=3.5&c8=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&c7=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&c9=&cs_ak_ss=1
Request Chain 211
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F244X51S74TECDGQSDXW30X3&persistence=1&checksum=92728489988f0a0d006f65e5345d3591084e6258d8a6f777af979a35d6bc3895
Request Chain 223
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5604535459600584512
Request Chain 224
  • https://token.rubiconproject.com/token?pid=6404&puid=22164234260906839360468712829451087008&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=KMXFVS42-K-9UGY&redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D6404%26puid%3D%24%7BDD_UUID%7D%26rk%3DNoRedirect?gdpr=0 HTTP 302
  • https://token.rubiconproject.com/token?pid=6404&puid=61650870140457631521046825960338994164&rk=NoRedirect
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjIxNjQyMzQyNjA5MDY4MzkzNjA0Njg3MTI4Mjk0NTEwODcwMDg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjIxNjQyMzQyNjA5MDY4MzkzNjA0Njg3MTI4Mjk0NTEwODcwMDg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBTRz7SGkn4cpzEmJtaaZ0w&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 227
  • https://pixel.advertising.com/ups/28/sync?uid=22164234260906839360468712829451087008&_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/28/sync?uid=22164234260906839360468712829451087008&_origin=1&redir=true&verify=true
Request Chain 231
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGRuOn6R5xQAE17-bcl7dQAA%261168
Request Chain 234
  • https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=72352&dpuuid=1565355192850792757&gdpr=0&gdpr_consent=
Request Chain 235
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=22164234260906839360468712829451087008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=22164234260906839360468712829451087008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=caaf92ad6b199bbc03a15e19bc14059
Request Chain 249
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 251
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=1c385eab2210fb8276b2d8f6
Request Chain 254
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YGRuRBc3iGY-MC2VehDywAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvlqEfs85C82rtmFPzmbn0&google_cver=1
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDKJpX0_HJnUsrMPLAlFFIk&google_cver=1
Request Chain 256
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB&dcc=t
Request Chain 258
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3f5a0fa-0380-425f-88dc-c05fb9225064
Request Chain 259
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2852011108171826666
Request Chain 263
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=a4da1051-503d-4af6-9548-3135cefd236b
Request Chain 264
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
Request Chain 266
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRlcwNkgtSS1FQjhL&gdpr=0
Request Chain 267
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQ4NzJhMDRkZjhkYTA2ZGY1NzZjM2FkYTE3NjhlY2U1YjQyOGY3Yw&gdpr=0
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP687LVRLnPlMbmEI5QtcuQ&google_cver=1
Request Chain 269
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFW06H-I-EB8K&sigv=1&esig=2~b92be36d6745863bb6f2c5daf52b78257edfffd4&gdpr=0
Request Chain 271
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iy2NuRXSjgVhyVuW2izd4Q?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003230086881234698
Request Chain 273
  • https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YGRuRBc3iGY-MC2VehDywAAA%261157
Request Chain 274
  • https://aa.agkn.com/adscores/g.pixel?sid=9212308078&bidder=neustar&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=neustar&gdpr=0&gdpr_consent=&uid=T4GVYPfMHYDQzjw09fEmC73%2BiwMSpPccPqmISYjX2i0%3D
Request Chain 275
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=KMXFW06H-I-EB8K&gdpr=0
Request Chain 276
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=ea3cb368-48c7-47b5-bbdc-c99d617f3b15
Request Chain 277
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAItuk7AyN0AACmVv3NmFg
Request Chain 278
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2852011108171826666
Request Chain 280
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=10707309288337980120
Request Chain 284
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2628316156748137509
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4sfARD0sTPCtlAU-TyYMMA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 289
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 290
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&addseg=31
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTJDN0MwNDQtM0QyQy00Q0YwLUFEOTQtMDUzRTRGMjYwQzMw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2Zvy_xPtszlFrHXKisNSg&google_cver=1
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ff5c70b-0b67-4c78-b170-06333c1fcf4a
Request Chain 295
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6162048902477780439
Request Chain 296
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
Request Chain 297
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2852011108171826666&gdpr=0&gdpr_consent=
Request Chain 299
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_privacy}} HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=810cd468-03df-4939-8ba5-c6859b1f8fc7
Request Chain 300
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=f755e1c0-c56c-40ac-ad4c-0d8685ad0674
Request Chain 301
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=446cad52-7e49-49c6-8195-43a10ca58039
Request Chain 302
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6162048902477780439

302 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.telegraph.co.uk/technology/0/ransomware-does-work/
224 KB
45 KB
Document
General
Full URL
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
747a726795dd75b7a092b7174f4bda27c43614336623beb0d5265f7e9017d524
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.telegraph.co.uk
:scheme
https
:path
/technology/0/ransomware-does-work/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty/1.15.8.2
content-type
text/html; charset=UTF-8
set-cookie
ak_bmsc=D5CC4E572C00FF9ACE74FCB5426875CA0211647E32320000376E6460651AFB44~plxhvIN/mOJeWx2a/KSennIZk6rcWsF5ZzskqjUiKR8klEEQNVFuRWqZQ/b9M90Wx6I6E21i/QAUAwLbl3agXQ+9/g+1wPGm2GeFS1K138HtyxRdDlsA+XjWK21AV9TuDHrD4ucPhZNrJcm5es4QVXnevgjsz6SRKP6YdSJEDuBkEevAntwJNnlPFdqSiK1lugEJSN58RJvJq+EFJYe/XkTvY4RBikv/us63UipvqcHOQ=; expires=Wed, 31 Mar 2021 14:42:31 GMT; max-age=7200; path=/; domain=.telegraph.co.uk; HttpOnly
strict-transport-security
max-age=15724800; includeSubDomains
server-timing
origin; dur=148 edge; dur=266 cdn-cache; desc=REVALIDATE
vary
Accept-Encoding
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
x-akamai-transformed
9 226320 0 pmb=mRUM,1
content-encoding
gzip
expires
Wed, 31 Mar 2021 12:42:32 GMT
cache-control
max-age=0, no-cache
pragma
no-cache
date
Wed, 31 Mar 2021 12:42:32 GMT
tmgchannels.min.5-83--0.css
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
950 KB
92 KB
Stylesheet
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
e756f3e957774e96bea2e286f21c9bd020168663b7d1d137ce3bfad6eeeac9b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
979780
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
93885
etag
W/"PSA-aj-P0jT7R6cCB"
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
cache-control
public, max-age=30918186
accept-ranges
bytes
expires
Thu, 24 Mar 2022 09:05:38 GMT
tech.min.5-83--0.css
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/
46 KB
8 KB
Stylesheet
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/tech.min.5-83--0.css
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
431e194a9add9d9cf59118af08cbbb3aa8f951e854dfef995b134f95ef1f94e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 24 Mar 2021 09:20:49 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
W/"b9f1-5be44d09453cb"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
text/css
cache-control
public, max-age=30919653
date
Wed, 31 Mar 2021 12:42:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
7227
uisiteheader.min.5-83--0.css
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
37 KB
6 KB
Stylesheet
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/uisiteheader.min.5-83--0.css
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
3e3b1181b7ac6ab5fcdec22a9a00266bf8069392d7094f55bc642156236ed89a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
38543
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
5393
etag
W/"PSA-aj-w5xCDb67d3"
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
cache-control
public, max-age=30918352
accept-ranges
bytes
expires
Thu, 24 Mar 2022 09:08:24 GMT
uisitefooter.min.5-83--0.css
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/uisitefooter.min.5-83--0.css
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
767d6655dbcbdfd5c522e951e575c385d41c97e211b6d020ab9c37c6f4122adb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
1938
etag
W/"28bb-5be4484725f97"
last-modified
Wed, 24 Mar 2021 08:59:32 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
cache-control
public, max-age=30918186
accept-ranges
bytes
polyfill.min.js
cdn.polyfill.io/v3/
142 B
253 B
Script
General
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js?flags=gated&features=default,fetch,IntersectionObserver,NodeList.prototype.forEach,Array.prototype.@@iterator&Array.prototype.includes&callback=tmg.polyfill.complete
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e382da33f35db7181f101e2f0894ec1cc42c83db29ba5fd1dc3c52381e65a658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3512098
detected-user-agent
Chrome/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
115
referrer-policy
origin-when-cross-origin
last-modified
Thu, 18 Feb 2021 11:40:32 GMT
date
Wed, 31 Mar 2021 12:42:32 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
head.min.5-84--1.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/
78 KB
20 KB
Script
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
6098939f572870d05c4f55c73b7812c87a2c49ea472c17e21eecd93e979f4d36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
19523
etag
W/"137cf-5bed170f08a13"
last-modified
Wed, 31 Mar 2021 09:07:15 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31523060
accept-ranges
bytes
firestore.min.5-84--1.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
7 KB
3 KB
Script
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/firestore.min.5-84--1.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
584a3a57616fdd0ceb79356f899203edb97ee3a8660677d866c80aecb818caf0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
2225
etag
W/"1b65-5bed170ed9733"
last-modified
Wed, 31 Mar 2021 09:07:15 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31523033
accept-ranges
bytes
mytelegraph.min.5-84--1.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
55 KB
15 KB
Script
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/mytelegraph.min.5-84--1.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
2e4df52e6b09d2b0b59c6337be0d69b3dd8c568db48a2ce410f54c080930301e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
14681
etag
W/"da76-5bed170edbe42"
last-modified
Wed, 31 Mar 2021 09:07:15 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31523018
accept-ranges
bytes
tmg-cmp.min.js
static.telegraph.co.uk/telegraph-advertising/
153 KB
154 KB
Script
General
Full URL
https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-111.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
e5737ddee12b1e62c9c62099262dc06075f03f490237de274d54eb9592330c4b

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:41:00 GMT
Via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-goog-meta-goog-reserved-file-mtime
1617009037
Age
98
X-GUploader-UploadID
ABg5-Ux9EbbwpKMxZEcTtbXg6dVemFtk1vzvbYpGldhzV2A2Dp9hWdqYz_byVAUFP9F52YEm6DI5YwY0Q0YoYyc4qck
X-Cache
Hit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
156509
Last-Modified
Mon, 29 Mar 2021 09:11:12 GMT
Server
UploadServer
ETag
"0072f0f49c2a0b1c26b253027d03b1b1"
x-goog-hash
crc32c=7b+RwQ==, md5=AHLw9JwqCxwmslMCfQOxsQ==
x-goog-generation
1617009072582538
Cache-Control
public,max-age=300
x-goog-stored-content-length
156509
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Type
text/javascript
X-Amz-Cf-Id
4lez9A1UmHRiZn7fCEpMdyC-0b_DVDyWTK5tyoe5Dgf3NjjaaRz3Ow==
Expires
Wed, 31 Mar 2021 12:45:54 GMT
satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/
432 KB
114 KB
Script
General
Full URL
https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2793bc590638ebcfc29d1e41dc0c1c09e30649e4a6fe46b31543d978528b54d2

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:03 GMT
server
AkamaiNetStorage
etag
"771f3053d6b2f90cc194fe5898bf4c5e:1617187683.394936"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Mar 2021 13:42:32 GMT
tmg-gpt.min.js
static.telegraph.co.uk/telegraph-advertising/
163 KB
164 KB
Script
General
Full URL
https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-111.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
ad5142275511eff45ea3b2aa944d959a8c9ac690f40093a95d860e7dc870aa6a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:04 GMT
Via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
x-goog-meta-goog-reserved-file-mtime
1617009037
Age
31
X-GUploader-UploadID
ABg5-UxHcrpepZYpjXX-YX80lWOPdB2WrwhzJCAf3wC1BHrgZJeLUCEC_jCUCq6JuYf0kPieLmRXwFJ6sAn3Z30NyHs
X-Cache
Hit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
166522
Last-Modified
Mon, 29 Mar 2021 09:11:12 GMT
Server
UploadServer
ETag
"4bab0f83abea0a5c402627299bf716f0"
x-goog-hash
crc32c=3RsOTg==, md5=S6sPg6vqClxAJicpm/cW8A==
x-goog-generation
1617009072560476
Cache-Control
public,max-age=300
x-goog-stored-content-length
166522
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Type
text/javascript
X-Amz-Cf-Id
RrXwChs-KoS_mI_QIM2S28EslSLWd9GyFMOeMetDFiTtv_xseyE1Cw==
Expires
Wed, 31 Mar 2021 12:47:01 GMT
tmgrefresh.js
secure.telegraph.co.uk/customer/lib/
2 KB
1 KB
Script
General
Full URL
https://secure.telegraph.co.uk/customer/lib/tmgrefresh.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.136.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-136-18.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
7c601d4676fde2d9005955fb79c2970b3b9a1b1ab23be2cc5f7d031be98bd0b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-GUploader-UploadID
ABg5-Ux-V9fbNFdeP0NCTQCIaEkcCxXjhWNB_XF0zfUdklzZ9D4KlOKmHpmJccdUCzCkr4fJC8fNoqjSxgMMApoxfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Server-Timing
cdn-cache; desc=HIT, edge; dur=1
Content-Length
658
Last-Modified
Mon, 29 Mar 2021 12:41:53 GMT
Server
UploadServer
Cache-Control
public, max-age=340
ETag
"2928487c6f0a04fd31b701f97703dcff"
X-Frame-Options
SAMEORIGIN
x-goog-hash
crc32c=UvAZBg==
x-goog-generation
1617021713674238
Connection
keep-alive
x-goog-stored-content-length
658
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Wed, 31 Mar 2021 12:48:12 GMT
iframe_api
www.youtube.com/
810 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecd524e5fb093bce7a0cd7cad8b9e71951a16c069022f7596260c65b13c4a323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:42:32 GMT
core.min.js
www.telegraph.co.uk/martech/js/
368 KB
81 KB
Script
General
Full URL
https://www.telegraph.co.uk/martech/js/core.min.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
4a1828ca7ad26c8004150f7b2a632fb0810dda8d7329770c52bc7ca9428119e3

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1617019690
x-guploader-uploadid
ABg5-UwBCpAMfx2bQgYADvF3_Cz0KAstlngfYU7Stb2B13OuEHLUi6K6CPHFDVF7HZeQoIsamcw8mm5jt6u7PAmq120
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
81861
last-modified
Mon, 29 Mar 2021 12:08:43 GMT
server
UploadServer
etag
"71feff0682b5150c8b32f18922d5c840"
vary
Accept-Encoding
x-goog-hash
crc32c=Z48iQw==, md5=cf7/BoK1FQyLMvGJItXIQA==
x-goog-generation
1617019723714235
cache-control
public, max-age=105
x-goog-stored-content-length
376571
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 31 Mar 2021 12:44:17 GMT
ui.min.5-84--1.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
99 KB
27 KB
Script
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/ui.min.5-84--1.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
7a7290df4c4a0885758f65e0910f8824d3d9f71a13629818a392546f9e6bee50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
27170
etag
W/"18dcc-5bed0a18c657d"
last-modified
Wed, 31 Mar 2021 08:09:16 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31520000
accept-ranges
bytes
piano.min.5-84--1.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
30 KB
10 KB
Script
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/piano.min.5-84--1.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
25b46e6675fce0a05037da73456092d84267f6e9fa25810c23e6aa0b46b063ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
9566
etag
W/"7755-5bed0b94f359f"
last-modified
Wed, 31 Mar 2021 08:15:55 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31523088
accept-ranges
bytes
TheTelegraph_portal_white-320-small.png
www.telegraph.co.uk/content/dam/
3 KB
4 KB
Image
General
Full URL
https://www.telegraph.co.uk/content/dam/TheTelegraph_portal_white-320-small.png
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
657ea2e27915058b447289b888d316c106356f81137108b94075c14023884481

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
gzip
last-modified
Mon, 03 Feb 2020 15:48:26 GMT
server
Akamai Image Manager
etag
"147e-55a497db9e300"
vary
Accept-Encoding
content-type
image/webp
cache-control
no-transform, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
3453
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBB) /
Resource Hash
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
550
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29026
x-tw-cdn
VZ
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6BBB)
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
particle.js
cf.eip.telegraph.co.uk/particle-embed/js/
12 KB
4 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-embed/js/particle.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e729a5534388cb60d221c5752ef1fd26f297aa9e3f70b599c8fe514fbf6acfad

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 12:54:21 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 12:54:15 GMT
server
AmazonS3
age
85692
etag
W/"21bc1528e758292b364c42582c2e40fe"
vary
Accept-Encoding
x-amz-meta-cache-control
max-age=0,s-maxage=86400
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=0,s-maxage=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
AIB5EDaqN5ngX-fAzG2_yiWy3-8qdESLUblrcERNqfwcZ100hlyBUA==
mqdefault.jpg
img.youtube.com/vi/UKiLv95mIVo/
12 KB
12 KB
Image
General
Full URL
https://img.youtube.com/vi/UKiLv95mIVo/mqdefault.jpg
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd2699c85e30ba1693594fd4cbfdc0c88d16457325d2dfcd25398317fe24a5c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:38:26 GMT
x-content-type-options
nosniff
server
sffe
age
246
etag
"1617105632"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12340
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:43:26 GMT
Matt-cartoon-255x206px-small.png
www.telegraph.co.uk/content/dam/generic/
5 KB
5 KB
Image
General
Full URL
https://www.telegraph.co.uk/content/dam/generic/Matt-cartoon-255x206px-small.png
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8683211f6eacc4a34b8fc528d729059e1e955bf6f1431510725b97e2c0344d19

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
gzip
last-modified
Mon, 14 Oct 2019 00:01:08 GMT
server
Akamai Image Manager
etag
"58b1-55ac2236c2b00"
vary
Accept-Encoding
content-type
image/webp
cache-control
no-transform, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5309
Austin-News-Text-Web-Semibold.woff2
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/Austin-News-Text-Web-Semibold.woff2
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
9c783825f2f362ae3beae6eba44895610045a39fef497346226ffc8fa54c7290
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.telegraph.co.uk
Referer
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 03 Apr 2019 13:46:20 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
W/"6318-585a07a895e09"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
font/woff2
cache-control
public, max-age=9073042
date
Wed, 31 Mar 2021 12:42:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
25396
www-widgetapi.js
www.youtube.com/s/player/9f1ab255/www-widgetapi.vflset/
108 KB
39 KB
Script
General
Full URL
https://www.youtube.com/s/player/9f1ab255/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa90aed9f1ce6927165ed7dcadb3badb46c289be683639060792a4ee8101b3b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 15:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 00:19:28 GMT
server
sffe
age
75279
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39236
x-xss-protection
0
expires
Wed, 30 Mar 2022 15:47:53 GMT
GHENT-R5DY7-KAG4V-6EY7K-3RGVU
s.go-mpulse.net/boomerang/ Frame 9837
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/GHENT-R5DY7-KAG4V-6EY7K-3RGVU
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
br
last-modified
Tue, 02 Feb 2021 17:33:49 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
Telesans-Text-Web-Regular.woff2
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/
21 KB
21 KB
Font
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/Telesans-Text-Web-Regular.woff2
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
65d2108ff73a770b00d4cffc91aeb94237ab5a49181ab9f2a94803a4d310ded5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.telegraph.co.uk
Referer
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 03 Apr 2019 13:46:20 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
W/"53bc-585a07a8de2b9"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
font/woff2
cache-control
public, max-age=9074965
date
Wed, 31 Mar 2021 12:42:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
21464
Austin-News-Deck-Web-Semibold.woff2
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/Austin-News-Deck-Web-Semibold.woff2
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
2c741ad9acb43d105e62f879f96b2d4ba638cc61e2a95a054ba986a09bcfdd71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.telegraph.co.uk
Referer
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 03 Apr 2019 13:46:21 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
W/"68d8-585a07a96e2fd"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
font/woff2
cache-control
public, max-age=9074340
date
Wed, 31 Mar 2021 12:42:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
26868
Austin-News-Text-Web-Roman.woff2
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/
24 KB
25 KB
Font
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/Austin-News-Text-Web-Roman.woff2
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
b9f9c7fcce0dc58d5324b37157ac86486d22284f8643d972e7edf356ca326f27
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.telegraph.co.uk
Referer
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 03 Apr 2019 13:46:21 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
W/"60f8-585a07a9bc117"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
font/woff2
cache-control
public, max-age=9073573
date
Wed, 31 Mar 2021 12:42:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
24852
iconfont.woff2
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/iconfont/1/
8 KB
9 KB
Font
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/fonts/iconfont/1/iconfont.woff2
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
1fa3398ed6e4cacad4c1d2b18f27048b2492361696b08af8e507b3f1f46698f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.telegraph.co.uk
Referer
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 03 Apr 2019 13:46:22 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
W/"20f4-585a07aa060f6"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
font/woff2
cache-control
public, max-age=21062959
date
Wed, 31 Mar 2021 12:42:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
8459
94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html
cf-particle-html.eip.telegraph.co.uk/ Frame 8A71
4 KB
2 KB
Document
General
Full URL
https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/particle-embed/js/particle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-42.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
138a17bef350ce8a800df13053eb5b086d93de8c92c840201831a12f5c429d40

Request headers

:method
GET
:authority
cf-particle-html.eip.telegraph.co.uk
:scheme
https
:path
/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.telegraph.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ak_bmsc=D5CC4E572C00FF9ACE74FCB5426875CA0211647E32320000376E6460651AFB44~plxhvIN/mOJeWx2a/KSennIZk6rcWsF5ZzskqjUiKR8klEEQNVFuRWqZQ/b9M90Wx6I6E21i/QAUAwLbl3agXQ+9/g+1wPGm2GeFS1K138HtyxRdDlsA+XjWK21AV9TuDHrD4ucPhZNrJcm5es4QVXnevgjsz6SRKP6YdSJEDuBkEevAntwJNnlPFdqSiK1lugEJSN58RJvJq+EFJYe/XkTvY4RBikv/us63UipvqcHOQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

content-type
text/html
date
Wed, 31 Mar 2021 12:40:38 GMT
last-modified
Thu, 25 Jan 2018 20:24:23 GMT
etag
W/"21c4d9cf95ab51299b56ca268bcc3658"
x-amz-meta-version
0.1.1
cache-control
max-age=0
x-amz-meta-type
breakout-box
x-amz-meta-id
94af4b27-ab7e-42cf-a2a1-9f98c09b790d
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
B3d58ZzfLy5BRU8E903fnqgOG5O9yVVOFr1T4Js764ZblUHMysjhDg==
age
115
c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html
cf-particle-html.eip.telegraph.co.uk/ Frame 9C45
3 KB
2 KB
Document
General
Full URL
https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/particle-embed/js/particle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-42.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ff9d2201369fad808efcf900cbbc5f182dca5f32aef58231b032c06624beeab

Request headers

:method
GET
:authority
cf-particle-html.eip.telegraph.co.uk
:scheme
https
:path
/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.telegraph.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ak_bmsc=D5CC4E572C00FF9ACE74FCB5426875CA0211647E32320000376E6460651AFB44~plxhvIN/mOJeWx2a/KSennIZk6rcWsF5ZzskqjUiKR8klEEQNVFuRWqZQ/b9M90Wx6I6E21i/QAUAwLbl3agXQ+9/g+1wPGm2GeFS1K138HtyxRdDlsA+XjWK21AV9TuDHrD4ucPhZNrJcm5es4QVXnevgjsz6SRKP6YdSJEDuBkEevAntwJNnlPFdqSiK1lugEJSN58RJvJq+EFJYe/XkTvY4RBikv/us63UipvqcHOQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 25 Jan 2018 20:47:30 GMT
x-amz-meta-version
0.1.1
x-amz-meta-type
breakout-box
x-amz-meta-id
c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc
server
AmazonS3
content-encoding
gzip
date
Wed, 31 Mar 2021 12:42:33 GMT
cache-control
max-age=0
etag
W/"05904d6efde3daccda9ea2e9944966df"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Qoba4mmOL-5hCoIDh-MpMJwSt-KjjUjLsN3-lL3EGHYGShmKmq36SA==
5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html
cf-particle-html.eip.telegraph.co.uk/ Frame DB97
148 KB
112 KB
Document
General
Full URL
https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/particle-embed/js/particle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-42.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2526967bfca0c77fff7c5a03c5066c9389fb5e9b3c11fdb39fd65d81a2cfa22

Request headers

:method
GET
:authority
cf-particle-html.eip.telegraph.co.uk
:scheme
https
:path
/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.telegraph.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ak_bmsc=D5CC4E572C00FF9ACE74FCB5426875CA0211647E32320000376E6460651AFB44~plxhvIN/mOJeWx2a/KSennIZk6rcWsF5ZzskqjUiKR8klEEQNVFuRWqZQ/b9M90Wx6I6E21i/QAUAwLbl3agXQ+9/g+1wPGm2GeFS1K138HtyxRdDlsA+XjWK21AV9TuDHrD4ucPhZNrJcm5es4QVXnevgjsz6SRKP6YdSJEDuBkEevAntwJNnlPFdqSiK1lugEJSN58RJvJq+EFJYe/XkTvY4RBikv/us63UipvqcHOQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

content-type
text/html
last-modified
Thu, 25 Jan 2018 19:28:28 GMT
x-amz-meta-version
0.1.1
x-amz-meta-type
breakout-box
x-amz-meta-id
5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2
server
AmazonS3
content-encoding
gzip
date
Wed, 31 Mar 2021 12:42:33 GMT
cache-control
max-age=0
etag
W/"a6d7ca6cf1d8ea6fdfcd8b681337ba35"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
1yVz7t-DJXKkLkKBKKML33uaKW0Qu6DuwP1QlzP4L55Rj9OpL_Rm-g==
/
widgethost.barnebys.com/widgets/28/ Frame 0764
84 KB
14 KB
Document
General
Full URL
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fe6efeeabe838833f364498ef28eebc0cd26e2b604e74685dfecf3d0d9637ea8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
widgethost.barnebys.com
:scheme
https
:path
/widgets/28/?w=300&h=460
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.telegraph.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

content-type
text/html; charset=utf-8
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
date
Wed, 31 Mar 2021 12:42:32 GMT
x-vercel-cache
MISS
age
0
server
Vercel
x-vercel-id
cdg1::bru1::8ggt8-1617194552849-1b3ee64e1d80
strict-transport-security
max-age=63072000
content-encoding
br
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a912fc66911606d475f5615e349aea439944aec0ede9bcbde1e97dc8813b00be

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widgets.js
platform.twitter.com/
64 KB
64 KB
Image
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBB) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
550
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29026
x-tw-cdn
VZ
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6BBB)
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
core.min.5-83--0.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
64 KB
64 KB
Image
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core.min.5-83--0.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
102441
etag
W/"54a52-5be449c6e92e4"
last-modified
Wed, 24 Mar 2021 09:06:15 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=30918352
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
M1s9JY7vcVnVaVCsSb3ZOjgy2cl42jkItbPdXUCH2iIdCsSem8t+g+6FTKhRDqCIWw23PATH5xtScGdPcU//hQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 31 Mar 2021 12:42:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.0.4/
34 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.4/firebase-app.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 05:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 May 2018 22:58:13 GMT
server
sffe
age
198879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
expires
Tue, 29 Mar 2022 05:27:53 GMT
firebase-firestore.js
www.gstatic.com/firebasejs/5.0.4/
316 KB
80 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.4/firebase-firestore.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23d4b414f87aa8523c3e11439c3f4802c38e205d26ba3979d7ada3f1697f447e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 24 Mar 2021 13:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 May 2018 22:58:14 GMT
server
sffe
age
602957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81858
x-xss-protection
0
expires
Thu, 24 Mar 2022 13:13:15 GMT
native-message
tcf2.telegraph.co.uk/wrapper/tcfv2/v1/gdpr/ Frame
0
0
Preflight
General
Full URL
https://tcf2.telegraph.co.uk/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=68cd903f-fbb5-44a0-bb9c-bec23a695bff&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A191%2C%22requestUUID%22%3A%2268cd903f-fbb5-44a0-bb9c-bec23a695bff%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Ftcf2.telegraph.co.uk%22%2C%22targetingParams%22%3A%22%7B%5C%22msgId%5C%22%3A%5C%22null%5C%22%2C%5C%22testData%5C%22%3A%5C%22null%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-114.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.telegraph.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Wed, 31 Mar 2021 12:42:32 GMT
x-powered-by
Express
access-control-allow-origin
https://www.telegraph.co.uk
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ad1Ei0QJBbVu6g6zgyWvk8sjgMlrL17ZrknfgOUHYSmBDvkfZ1jthw==
native-message
tcf2.telegraph.co.uk/wrapper/tcfv2/v1/gdpr/
206 KB
12 KB
XHR
General
Full URL
https://tcf2.telegraph.co.uk/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=68cd903f-fbb5-44a0-bb9c-bec23a695bff&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A191%2C%22requestUUID%22%3A%2268cd903f-fbb5-44a0-bb9c-bec23a695bff%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Ftcf2.telegraph.co.uk%22%2C%22targetingParams%22%3A%22%7B%5C%22msgId%5C%22%3A%5C%22null%5C%22%2C%5C%22testData%5C%22%3A%5C%22null%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-114.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
a6b1dcf5bd213819961caaf5d47d6bb32aae383c9f8cb3d42c9f9fa59995c092

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
xndAbbPPoqDpF5P94ljiT1q8YDW6VZzEt85bDmChNw2MGCTP2eFRkg==
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
id
dpm.demdex.net/
2 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=2C7336C753C676BA0A490D4B%40AdobeOrg&d_nsid=0&ts=1617194552919
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a963310ab67dcb696649cafa48fa34032b50b4335b68c67d49b50c7e4741400d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v090-092e58800.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
aqnFsDEtRxU=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.telegraph.co.uk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
808
Expires
Thu, 01 Jan 1970 00:00:00 GMT
EX2e89287668b94241b423719cf47c4220-libraryCode_source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
72 KB
25 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/EX2e89287668b94241b423719cf47c4220-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f15f3314d491a8486a858d76c54b24773f84f4b222cc5be918670a78daaf398d

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
25630
expires
Wed, 31 Mar 2021 13:42:32 GMT
quantum-telegraph.js
cdn.quantummetric.com/qscripts/
226 KB
62 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1806408f86d0e3e8dac0f72f438215f2b8f55082c441cbd7552947f606fa154c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:32 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
192
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0929e7a68100004ed4eb954000000001
server
cloudflare
etag
W/"161710173473916153329846161617177605891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray
6389a884082d4ed4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
tmgrefresh.js
secure.telegraph.co.uk/customer/lib/tmgrefresh@v1.0.0/
6 KB
3 KB
Script
General
Full URL
https://secure.telegraph.co.uk/customer/lib/tmgrefresh@v1.0.0/tmgrefresh.js
Requested by
Host: secure.telegraph.co.uk
URL: https://secure.telegraph.co.uk/customer/lib/tmgrefresh.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.136.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-136-18.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
4e349e1907bab1b7fcb3db5468f072ee1d23609cc75025aac926e44177e3819a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-GUploader-UploadID
ABg5-UwoulR8TCu03DrTWF9wKIpmCkzJfG4BA9Ol3sIR_cBWBdFK3N7rMqXF5EtVbhko8Tit4m9lsOs9hRRpUF-bh_Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Server-Timing
cdn-cache; desc=HIT, edge; dur=1
Content-Length
2341
Last-Modified
Mon, 29 Mar 2021 12:41:53 GMT
Server
UploadServer
Cache-Control
public, max-age=402
ETag
"eaa74eaee8c14ea9fe26d80048343fca"
X-Frame-Options
SAMEORIGIN
x-goog-hash
crc32c=uedIpA==
x-goog-generation
1617021713615872
Connection
keep-alive
x-goog-stored-content-length
2341
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Wed, 31 Mar 2021 12:49:15 GMT
fb6cjraf9cejut2a.js
cdn.petametrics.com/
199 KB
67 KB
Script
General
Full URL
https://cdn.petametrics.com/fb6cjraf9cejut2a.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.88.138.85 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2938a44e1916a003023a965c0fedffbabdeea2e9a9e9168749cc9def0f823384

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Feb 2021 06:28:50 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
1EG7BF0T61VZ4SXR
ETag
W/"ae8879caaebd059447a16d757fa45027"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
x-amz-version-id
OrWfnZqy3T7QaQj3tO1PPg3sbOF5eCE4
x-amz-id-2
CmoapUeFuZfLAmmZtnzugr/PfXfawaT9izamnFmUKuqSY6p2pkFXKywKzLHO9BXO2k6NDosqppc=
Expires
Wed, 07 Apr 2021 12:42:33 GMT
load
experience.tinypass.com/xbuilder/experience/
4 KB
1 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=NJu5KnOFpu
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843688fc97c2bb33c651ea9bd701286943428b31366824337e0ee94d3a139a35
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
1005
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0929e7a6d700002c36d1868000000001
x-request-id
C0j2uqqJEj9
wn
prod-exp-10-0-83-141
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6389a8848ccf2c36-FRA
expires
Wed, 31 Mar 2021 13:12:33 GMT
RCa62cf262b42847da80a8bed0c49701f3-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
456 B
574 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCa62cf262b42847da80a8bed0c49701f3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2533beb82f10239c1c8d7cc216c3e74d585437daa1e292bdd270a7159faca18a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
306
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC0e837c2e8e5744eba1be15ebe9c787b5-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
1 KB
889 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC0e837c2e8e5744eba1be15ebe9c787b5-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4fd7974fef2a87c5ddee4dba6d4868779fc1e1587a5f985a699d700bd47c2df9

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
622
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCa94168d05ac8450da44af9d68228fb7d-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
1 KB
989 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCa94168d05ac8450da44af9d68228fb7d-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7470d96d65299f4b9b10053228b1ae4211f9513a63c09a086116987b469cdc2e

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
722
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCd54e9c42e0624ea0ad5b96782ea44321-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
361 B
506 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCd54e9c42e0624ea0ad5b96782ea44321-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
457895a9c9031a672f10398bbb48d1d6f8c6a1b385b89a1c01f5fc4d120933a7

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
238
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCc138c3393f56415ebf739ba7b8ecca91-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
509 B
587 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCc138c3393f56415ebf739ba7b8ecca91-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cd61f50814727a6ce42c82e6fffd3630476b83c87033d8bd3574ec9fa1ad8434

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
320
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC4e7cf4e8b10549a8b35a4e402f27d07b-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC4e7cf4e8b10549a8b35a4e402f27d07b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a854d07d030810900d4033f285b35ebdf296a19778413da737d1fd2bc5d23d0c

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
923
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC575f15ce13af4933b805b4f732675d4b-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
664 B
677 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC575f15ce13af4933b805b4f732675d4b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e33aff4ca739b86dd3b5579ff66a28d6df3e16caf0341f9797669cc9eecd8f27

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
410
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC7241191a152545d7a7d12a79486283a3-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
733 B
723 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC7241191a152545d7a7d12a79486283a3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6192a37252732229d814509a7d42395c35235fe57e5460f5a2866a935bfc624d

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
455
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC1a7072be752f45e9b21f3e68b6a9fa0c-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
4 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC1a7072be752f45e9b21f3e68b6a9fa0c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bccf7cea66bb7a4e68e65edcb95f2164150a03a9b78289f281e9d339c1471482

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1440
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC3d69ec28cb7d4f66a096c1fca255efca-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC3d69ec28cb7d4f66a096c1fca255efca-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4ac5a8b1357e198636ee837ae1db9515c90dff3197912422e879cc1a7367c4f3

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
971
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC4bbc108e88c54c04a990c12e764fcca0-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
1 KB
817 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC4bbc108e88c54c04a990c12e764fcca0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0dffeab9f30efef3e8a96b969debdba7ece0711f06dca379b026d96ab91ebfc2

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
549
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCc7b4ff165fc44254a2a2b28b3f7c7061-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
483 B
571 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCc7b4ff165fc44254a2a2b28b3f7c7061-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
20565db371e6022b32a6f209d5e354d6a3c55d84ecbe6046f20bb6e317dbcf4a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
303
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC235c587e7e0842c4b252be5e0ea0ea5b-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
930 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC235c587e7e0842c4b252be5e0ea0ea5b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1c56e7b446d05b3abf59717e8f04f167edeff69575830732f6bf09e35952550

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
662
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC196522a11d1a4e678ce58e6416ecddf5-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC196522a11d1a4e678ce58e6416ecddf5-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
80928ae8cba23f04b45e38448a4a4979c5f9f2538779ce66d57c8c8882c0bc82

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
923
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC1cec163a7e3341d387ac93a9b693c361-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC1cec163a7e3341d387ac93a9b693c361-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4d5f69088f263c5f7a7f2aac48d7e58f3e6a9ba487f6d6bab9463b2be8e5df98

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
968
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCc6fb8d11b10a4c5aa06b66fe4a72831c-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCc6fb8d11b10a4c5aa06b66fe4a72831c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
896239692a6fbd88e0c6813271874475868a0dd30bb1f333f5b288611df48e54

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
872
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC22c7f2e6babe4dacb78107e8ec1d6721-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
795 B
756 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC22c7f2e6babe4dacb78107e8ec1d6721-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3453ceb94ab0d67436a4eb37d02fcf264c8c6c16f4c199e4e35628b04f3a5fa4

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
488
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC7bf4957febde4e2bb2c19a02a6bf77b0-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
844 B
750 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC7bf4957febde4e2bb2c19a02a6bf77b0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
83944cd557f8d63d1515a876eeaf774e2cdbe507a1d0d768c767179477634cc9

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
482
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC1eef8e1ea0784eeab2c8cde9d3bcb1bc-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC1eef8e1ea0784eeab2c8cde9d3bcb1bc-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
64015e9e159e9145c7ee9abd8c9e101eb76964740d14cf6acf42f97c0f2ff22a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
991
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCe0e73a30afcd42a88ba9104e564d97a4-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCe0e73a30afcd42a88ba9104e564d97a4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6dde141bdbbf1ce88a02ac30deb741afc0fae49111c534015d86943ac6c43100

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
864
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCb13e63aa6c3247e7816258648cf50404-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCb13e63aa6c3247e7816258648cf50404-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f258ad98e587de6f01fcc6f2bc2eba79e08ef9c6f7711dbf9c9a97cbf96f17b3

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
784
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC90706f184cc14ab1abf7a3b28874f2c9-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
961 B
803 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC90706f184cc14ab1abf7a3b28874f2c9-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
59090ff58225cf6ef00596f1e187eae64b1bf6354ecd6315987a96131e431dc6

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
535
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCaa99b8900c2848eb8a7141a686ae3dd1-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
783 B
767 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCaa99b8900c2848eb8a7141a686ae3dd1-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d42dc8572f37c938ac5ad372e8159588baafaef3557d60f784b32ae9b9f1104e

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
499
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC04db861345d74c34864632a4b8c94fc9-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
809 B
738 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC04db861345d74c34864632a4b8c94fc9-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
618efd207cfa5d91bb019896ac241ad79f49b66c9d7330d43bc6211e55129a67

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
470
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC760c284df7d049e1ace988a18c04b810-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
743 B
747 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC760c284df7d049e1ace988a18c04b810-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7ba8aed6bc678c0876e330ba57c0afefba5097991320b0825588f1ce824ec67a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
479
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCd09644f115064b4494f78c8d5c11cf4b-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCd09644f115064b4494f78c8d5c11cf4b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ddeff61fd49d5024920a8b594db83850568a162235e0c7f54a04b5a0c4bd061a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
996
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC28dd4f295fc74e66b8a7e8bb4775ae39-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC28dd4f295fc74e66b8a7e8bb4775ae39-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf87933936cb35a698b2e45919a36bd2d8c3bdc9e87e2598ed333c14259ea935

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1027
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCa03b2b29679643fa883215f8484af6d3-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCa03b2b29679643fa883215f8484af6d3-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
de33655993e6ec99173a5ef0c1b7361046aa3d4fd9799501448211857f32caa5

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
918
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC750f0474a6464c0cbbc0875df7fe81f0-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
606 B
673 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC750f0474a6464c0cbbc0875df7fe81f0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7aa570c8330a223b8ee468f861d0e08269d5897d550f14eb20a5fda9636376f9

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
405
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC3dd423db4eab469a8b0d6b7f81529b8e-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
967 B
853 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC3dd423db4eab469a8b0d6b7f81529b8e-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
00d8f5e9fb27f1e04e0e321c420fbe85687edfd857a54447513fed1acadb2176

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
585
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC9171f1b9d48542f7be3e80cf24c61719-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC9171f1b9d48542f7be3e80cf24c61719-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c4ceb32f3b32dfe591ed181292f10d921a73aa90bd126d5f1978bb11631789e0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
796
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCb3de2fc4aa444db9ab3fad2724f77730-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCb3de2fc4aa444db9ab3fad2724f77730-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8d8a2e3881800dce4ec285c50a8d5ffefe290a52f1b1413bcc3023ad1bf20b68

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
928
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCaf681fed97634d06afec113bae7a5dca-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
788 B
755 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCaf681fed97634d06afec113bae7a5dca-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ac58225491d1a091ebca255966d2035c136dfe5d9d89e98b6da63a890da3a056

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
487
expires
Wed, 31 Mar 2021 13:42:33 GMT
RCdfae883117f248319fa0de5864300ac0-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
790 B
772 B
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RCdfae883117f248319fa0de5864300ac0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4f076d7b6c5c839fb1adb4ac9bd4d4262b24eda3aed728917a5993e201cf31cb

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
504
expires
Wed, 31 Mar 2021 13:42:33 GMT
RC0392241e4a1a46c2a1c36fb86deca2dd-source.min.js
assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/RC0392241e4a1a46c2a1c36fb86deca2dd-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a04b8a5d9cdeeab94e476ad0f46d6b4fa54fc6adba0ee2d005ad0bbeee5e2b46

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 10:48:04 GMT
server
AkamaiNetStorage
etag
"759b4bf258cac66279f20356a55cb5bd:1617187684.62023"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
857
expires
Wed, 31 Mar 2021 13:42:33 GMT
widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html
platform.twitter.com/widgets/ Frame 8C42
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.telegraph.co.uk
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC3) /
Resource Hash
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.telegraph.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1785105
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Mar 2021 12:42:33 GMT
Etag
"e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified
Wed, 03 Mar 2021 19:20:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC3)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105690
Cookie set dest5.html
tmg.demdex.net/ Frame 370D
7 KB
3 KB
Document
General
Full URL
https://tmg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
tmg.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.telegraph.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=22164234260906839360468712829451087008
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 10 Mar 2021 16:02:27 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=22164234260906839360468712829451087008;Path=/;Domain=.demdex.net;Expires=Mon, 27-Sep-2021 12:42:33 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
9zaBKD2VRtM=
Content-Length
2785
Connection
keep-alive
id
smetrics.telegraph.co.uk/
48 B
515 B
XHR
General
Full URL
https://smetrics.telegraph.co.uk/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=2C7336C753C676BA0A490D4B%40AdobeOrg&mid=22189525394895984890470677963254177433&ts=1617194553134
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
1ad3690bd4a33905a9d80a5983576410ce780d838e3821a6bf59e48456633ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-fd4497967-c79dk
vary
Origin
x-c
main-1451.Ibee288.M0-486
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YGRuOQAAAJN-ACkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=22164234260906839360468712829451087008
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGRuOQAAAJN-ACkN
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGRuOQAAAJN-ACkN
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0abff6264.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
oZJojOEERuI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGRuOQAAAJN-ACkN
Date
Wed, 31 Mar 2021 12:42:33 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
telegraphmediagroupl.tt.omtrdc.net/rest/v1/
40 KB
4 KB
XHR
General
Full URL
https://telegraphmediagroupl.tt.omtrdc.net/rest/v1/delivery?client=telegraphmediagroupl&sessionId=49e296d8b3b84557879d076734c3b2d2&version=2.3.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f7dce684f4228173bd693935a544e7116ebd5755b5f20dccd1f2be6ff2b2ac48

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id
5e9640643aa537f454988f7d953fa235
content-type
application/json;charset=UTF-8
core.min.5-83--0.js
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/
339 KB
101 KB
Script
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core.min.5-83--0.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
c61fbca8f37d20dc4a635625f00e72a2f5c602c9805d57a7d777a6b5c514ea13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
102441
etag
W/"54a52-5be449c6e92e4"
last-modified
Wed, 24 Mar 2021 09:06:15 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
date
Wed, 31 Mar 2021 12:42:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=30918351
accept-ranges
bytes
styles.39cab4d6.chunk.css
widgethost.barnebys.com/_next/static/css/ Frame 0764
35 KB
8 KB
Stylesheet
General
Full URL
https://widgethost.barnebys.com/_next/static/css/styles.39cab4d6.chunk.css
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4803966bd46a87f72fd91bc4c364dafd440c3bbd10aa39f08c4062923a4776bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
2828
x-vercel-id
cdg1::8ggt8-1617194553227-f39842b1881b
etag
W/"4803966bd46a87f72fd91bc4c364dafd440c3bbd10aa39f08c4062923a4776bb"
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="styles.39cab4d6.chunk.css"
x-vercel-cache
HIT
main-385d541686b65ec453f7.js
widgethost.barnebys.com/_next/static/chunks/ Frame 0764
20 KB
7 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/main-385d541686b65ec453f7.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
420977f3b586d18b52cdc99f85298b4bbe34de610c5d55304c9570c2b64bc414
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
4379
x-vercel-id
cdg1::8ggt8-1617194553229-d1d9082eec27
etag
W/"420977f3b586d18b52cdc99f85298b4bbe34de610c5d55304c9570c2b64bc414"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="main-385d541686b65ec453f7.js"
x-vercel-cache
HIT
webpack-d7b2fb72fb7257504a38.js
widgethost.barnebys.com/_next/static/chunks/ Frame 0764
2 KB
935 B
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/webpack-d7b2fb72fb7257504a38.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
7476
x-vercel-id
cdg1::8ggt8-1617194553229-7622cd0c00a6
etag
W/"26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="webpack-d7b2fb72fb7257504a38.js"
x-vercel-cache
HIT
framework.cb05d56be993eb6b088a.js
widgethost.barnebys.com/_next/static/chunks/ Frame 0764
125 KB
41 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/framework.cb05d56be993eb6b088a.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c1b64d437d4702456168fbcc8bf17ebd0e06b4461e633ace58317b477d1c5f7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
7463
x-vercel-id
cdg1::8ggt8-1617194553229-53d2661f092a
etag
W/"c1b64d437d4702456168fbcc8bf17ebd0e06b4461e633ace58317b477d1c5f7d"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="framework.cb05d56be993eb6b088a.js"
x-vercel-cache
HIT
f6078781a05fe1bcb0902d23dbbb2662c8d200b3.ed5573c5ff9bc3fe6d1f.js
widgethost.barnebys.com/_next/static/chunks/ Frame 0764
32 KB
11 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/f6078781a05fe1bcb0902d23dbbb2662c8d200b3.ed5573c5ff9bc3fe6d1f.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b744c892362d9520abc29b5366640271d9d41fcfde0b40603f659bc852091e73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
4379
x-vercel-id
cdg1::8ggt8-1617194553229-dc7c9df0b073
etag
W/"b744c892362d9520abc29b5366640271d9d41fcfde0b40603f659bc852091e73"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="f6078781a05fe1bcb0902d23dbbb2662c8d200b3.ed5573c5ff9bc3fe6d1f.js"
x-vercel-cache
HIT
styles.e03a529efcc82b856f8b.js
widgethost.barnebys.com/_next/static/chunks/ Frame 0764
7 KB
4 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/styles.e03a529efcc82b856f8b.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d0994c7b5fc48506baaccf722aa2489db0beba3521314128b45b9707ceb0e394
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
2828
x-vercel-id
cdg1::8ggt8-1617194553229-797f373b27c9
etag
W/"d0994c7b5fc48506baaccf722aa2489db0beba3521314128b45b9707ceb0e394"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="styles.e03a529efcc82b856f8b.js"
x-vercel-cache
HIT
_app-738e7dd174b10ecd1147.js
widgethost.barnebys.com/_next/static/chunks/pages/ Frame 0764
5 KB
2 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/pages/_app-738e7dd174b10ecd1147.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b122328d0677ff5899b273e6abc80016195ebb04f4739f82b8eeef4d14361a96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
2828
x-vercel-id
cdg1::8ggt8-1617194553229-a5e34a28ae49
etag
W/"b122328d0677ff5899b273e6abc80016195ebb04f4739f82b8eeef4d14361a96"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="_app-738e7dd174b10ecd1147.js"
x-vercel-cache
HIT
29107295.017da84b0a061516d61c.js
widgethost.barnebys.com/_next/static/chunks/ Frame 0764
72 KB
26 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/29107295.017da84b0a061516d61c.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fa120033dfca7d27ed6f4825b40e48a85f1c4e02c284df6ac8cc2182f26baed7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
3403
x-vercel-id
cdg1::8ggt8-1617194553229-34bb6819dd9e
etag
W/"fa120033dfca7d27ed6f4825b40e48a85f1c4e02c284df6ac8cc2182f26baed7"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="29107295.017da84b0a061516d61c.js"
x-vercel-cache
HIT
index-26346b3469b8b1d20be5.js
widgethost.barnebys.com/_next/static/chunks/pages/ Frame 0764
110 KB
37 KB
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/chunks/pages/index-26346b3469b8b1d20be5.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7195632391298bdf0239c86226d59d80bf655d9cdb9c50daa993c81fba29bfd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Vercel
age
3612
x-vercel-id
cdg1::8ggt8-1617194553229-92cf4a37847e
etag
W/"7195632391298bdf0239c86226d59d80bf655d9cdb9c50daa993c81fba29bfd0"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="index-26346b3469b8b1d20be5.js"
x-vercel-cache
HIT
gpt.js
www.googletagservices.com/tag/js/
58 KB
20 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88978083addd844411f3e046964ba8ee571f6cc94460236b363d8cbf872550e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"828 / 478 of 1000 / last-modified: 1617189203"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19720
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:42:33 GMT
188607-104920660844159.js
js-sec.indexww.com/ht/p/
43 KB
15 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/188607-104920660844159.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d21e924edcd91a26b09aad9cb10eb162bc70b5372b5db33790291203a40b6f46

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 12:40:32 GMT
Server
Apache
ETag
"90276c-aa9c-5bed46bb3f647"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3508
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
14539
Expires
Wed, 31 Mar 2021 13:41:01 GMT
channels.cgi
telegraph.grapeshot.co.uk/main/
937 B
839 B
Script
General
Full URL
https://telegraph.grapeshot.co.uk/main/channels.cgi?url=https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.64.56.69 , United Kingdom, ASN200981 (GRAPESHOT-UK-1, SE),
Reverse DNS
server69.hml.grapeshot.co.uk
Software
/
Resource Hash
e5ce48322b9a7efe2fcdb1284193ca476aad7ff4084ad203026a2f59f204c133
Security Headers
Name Value
Strict-Transport-Security max-age=157680000; includeSubDomains; preload

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
GSDeployment
main
Connection
Keep-Alive
Content-Type
text/javascript
Cache-Control
max-age=0, max-age=3600
GSResponse
OK
Strict-Transport-Security
max-age=157680000; includeSubDomains; preload
Keep-Alive
timeout=5
Content-Length
432
Expires
Wed, 31 Mar 2021 13:42:33 GMT
prebid4.29.0.appnexus.criteo.ix.openx.ozone.rubicon.teads.adomik.ga.consentManagementGDPR.PubComID.UserIDPubComID.unruly.js
static.telegraph.co.uk/develop/telegraph-advertising/prebid/
282 KB
283 KB
Script
General
Full URL
https://static.telegraph.co.uk/develop/telegraph-advertising/prebid/prebid4.29.0.appnexus.criteo.ix.openx.ozone.rubicon.teads.adomik.ga.consentManagementGDPR.PubComID.UserIDPubComID.unruly.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-111.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
4a9f6c38a5229b0a3ec312dc66a7032c0b35ceb0a4d46c8589459ffb35fefe0d

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:39:40 GMT
Via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
x-goog-meta-goog-reserved-file-mtime
1616606154
Age
192
X-GUploader-UploadID
ABg5-Uw2pDgQ1o7kCh03o1Am3Fdqs2ZEHOcB2oE7C-vmdjuFlLH_YDNxcrHtoHLDNcfZRJFTDKTSMmvnMVFqIRm0CpQ
X-Cache
Hit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
288792
Last-Modified
Wed, 24 Mar 2021 17:16:40 GMT
Server
UploadServer
ETag
"680165713a7ce20f0cda7f7bd81fd8ea"
x-goog-hash
crc32c=qMkmHQ==, md5=aAFlcTp84g8M2n972B/Y6g==
x-goog-generation
1616606199962783
Cache-Control
public,max-age=300
x-goog-stored-content-length
288792
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Type
text/javascript
X-Amz-Cf-Id
kW4seA4-Q1Uzc4NBTq3HMSBYfHMJgCgXdofzaLpjBtY3myUt7LYkEg==
Expires
Wed, 31 Mar 2021 12:44:21 GMT
tinypass.min.js
cdn.tinypass.com/api/
402 KB
126 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=NJu5KnOFpu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa45c05e4aba63e0c3ff913a01024d58f65e4da2597bf3b15cada6055c2d3f9
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
133
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0929e7a7a400002c36d9287000000001
wn
prod-dash-10-0-88-41
last-modified
Tue, 30 Mar 2021 14:45:12 GMT
server
cloudflare
etag
W/"411626-1617115512000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=300
cf-ray
6389a885df1c2c36-FRA
expires
Wed, 31 Mar 2021 12:47:33 GMT
fontsv02.css
cf.eip.telegraph.co.uk/assets/_css/ Frame 8A71
6 KB
6 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
746bf78dbd28d668ecb839ee309b8c336736cd0fc9ae82cccb07815668287669

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Sep 2020 18:33:42 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 12 Feb 2019 13:28:37 GMT
server
AmazonS3
age
17345332
etag
"3157a80bd484e52bc66158d865860532"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
5925
x-amz-cf-id
tkj-ICZUp6KriFogIeTcHxCBJNNz76i-Drs7voC28zKJsYR3ANhzaw==
particles.css
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 8A71
19 KB
10 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/particles.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49a4c5845adc93d7a2ce1895fc5fe5135c9d8cbee1964d13cd883686f23ccdbf

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 20:35:19 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:51 GMT
server
AmazonS3
age
14746035
etag
W/"9299c8cc10e0d8f034e001b7a7677063"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
iIq5Ao4nIZMfcrlB7xT4FcyvcKxShgo1R6uEUiySR6SW4ZrCUdah9g==
colors.css
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 8A71
32 KB
3 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/colors.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf8b6cd6b1ab67d65f9cb45bbfa42da38691c40f0361b4b46802b71727c2426d

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:16:44 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:51 GMT
server
AmazonS3
age
5001950
etag
W/"cd271f11b7281c88f4b20ec43cc79686"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Wp33oAnLaOU1SDVHPV2fXm5M5topfIfqhvunRYLv51JiLnKJKeVKnQ==
0.1.1.css
cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/css/ Frame 8A71
34 KB
5 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/css/0.1.1.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dacf7c48f0b0e62443daafe305d60a041e7abc6150aaed941739731f1a5f5d9b

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 04:32:35 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:56 GMT
server
AmazonS3
age
5299799
etag
W/"1e4e4658c5275d7791c054762b4a3b6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
AsX2DVXavW_mETn32yLdV6dS1Tu5pI115HGPrehjzuMJvCaPwD-uIw==
jquery-2.2.0.min.js
code.jquery.com/ Frame 8A71
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 20:03:15 GMT
server
nginx
etag
W/"56901603-14e55"
vary
Accept-Encoding
x-hw
1617194553.dop133.fr8.t,1617194553.cds214.fr8.hn,1617194553.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
0.1.1.js
cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/js/ Frame 8A71
12 KB
3 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/js/0.1.1.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e202c3c23ac2e8ebd64a4f47a319a0ff7c943194278e4a4515be6297bb6d179f

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 04:32:36 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:57 GMT
server
AmazonS3
age
5299798
etag
W/"d7ff58271789db3e6d4e46cbd3b5bc4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
WAxrZ5fBfpv2E3aLqQ8I4O4ENR7LtIb3Lp1SnCyeZm8KnVRGxFM0_A==
helpers.js
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 8A71
11 KB
4 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/helpers.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5d94d439e6670182f082e45bbbc8ed71d707637b3b7253d6945ca7c852331f2

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 15:53:31 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 15:50:27 GMT
server
AmazonS3
age
4913343
etag
W/"1440147a42e3000dc6f8bdfbbe9db58c"
vary
Accept-Encoding
x-amz-meta-cache-control
max-age=0,s-maxage=86400
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=0,s-maxage=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
wRgLDRFS-xw7nvy6pslbqYMTBHvi8qXJf0-8cSFyFPWZDTWSapgFfQ==
analytics.js
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 8A71
23 B
349 B
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/analytics.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/94af4b27-ab7e-42cf-a2a1-9f98c09b790d.html?i=0&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=94af4b27-ab7e-42cf-a2a1-9f98c09b790d&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
497379f191fc1c99b86b108e2cd67ce1bda71b964b4ec1e7dc9f4945c5cc43c5

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 01:36:48 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 15 Dec 2020 12:57:10 GMT
server
AmazonS3
age
4359946
etag
"1186e5b12d7897470531cbdfe91413ea"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
23
x-amz-cf-id
6FpVohR2sO1M6l4zn3I6SzX6xihXMOk1zstCV7zUEVvwQ92nyuiB2w==
fontsv02.css
cf.eip.telegraph.co.uk/assets/_css/ Frame DB97
6 KB
6 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
746bf78dbd28d668ecb839ee309b8c336736cd0fc9ae82cccb07815668287669

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Sep 2020 18:33:42 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 12 Feb 2019 13:28:37 GMT
server
AmazonS3
age
17345332
etag
"3157a80bd484e52bc66158d865860532"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
5925
x-amz-cf-id
vaYo1otfVx5n2ZE88mxVfw3yhNHz3cZatE_RdBwiC8Sj5aHO0oC3WA==
particles.css
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame DB97
19 KB
10 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/particles.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49a4c5845adc93d7a2ce1895fc5fe5135c9d8cbee1964d13cd883686f23ccdbf

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 20:35:19 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:51 GMT
server
AmazonS3
age
14746035
etag
W/"9299c8cc10e0d8f034e001b7a7677063"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
QghyWM8Cp7F8tumBuN47U3lS6lhxiEuTTW2MQjvsLVdMdeWY1DnP1w==
colors.css
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame DB97
32 KB
3 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/colors.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf8b6cd6b1ab67d65f9cb45bbfa42da38691c40f0361b4b46802b71727c2426d

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:16:44 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:51 GMT
server
AmazonS3
age
5001950
etag
W/"cd271f11b7281c88f4b20ec43cc79686"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
QomNtauHLNRUzqnT72Xwinrz5GtZFlxGk3h4R9j8LUYBVM4F6opmuQ==
0.1.1.css
cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/css/ Frame DB97
34 KB
5 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/css/0.1.1.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dacf7c48f0b0e62443daafe305d60a041e7abc6150aaed941739731f1a5f5d9b

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 04:32:35 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:56 GMT
server
AmazonS3
age
5299799
etag
W/"1e4e4658c5275d7791c054762b4a3b6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
oE_vaVNBoKhSlohx_AtIzeo-g7gf9jgLmaSvldcapZSRX03f35J-UQ==
fontsv02.css
cf.eip.telegraph.co.uk/assets/_css/ Frame 9C45
6 KB
6 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
746bf78dbd28d668ecb839ee309b8c336736cd0fc9ae82cccb07815668287669

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 12 Feb 2019 13:28:37 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"3157a80bd484e52bc66158d865860532"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5925
x-amz-cf-id
U-RtkwYGHtfUiWV3boK9mba8FLzAapCHkoe9OYPLqI3eAeUqMsUp_g==
particles.css
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 9C45
19 KB
10 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/particles.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49a4c5845adc93d7a2ce1895fc5fe5135c9d8cbee1964d13cd883686f23ccdbf

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 20:35:19 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:51 GMT
server
AmazonS3
age
14746035
etag
W/"9299c8cc10e0d8f034e001b7a7677063"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
UPrhrjvTe1aA2KQQkus_16XoUEJrithe06oFD3E5Us9eyLxZt_lgvw==
colors.css
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 9C45
32 KB
3 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/colors.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf8b6cd6b1ab67d65f9cb45bbfa42da38691c40f0361b4b46802b71727c2426d

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 15:16:44 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:51 GMT
server
AmazonS3
age
5001950
etag
W/"cd271f11b7281c88f4b20ec43cc79686"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
y9AbBGHIufn7r5uoOCqcGrF_SnNhl9fz_9hA0FqMssn7oZlGN9xcgQ==
0.1.1.css
cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/css/ Frame 9C45
34 KB
5 KB
Stylesheet
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/css/0.1.1.css
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dacf7c48f0b0e62443daafe305d60a041e7abc6150aaed941739731f1a5f5d9b

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 04:32:35 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:56 GMT
server
AmazonS3
age
5299799
etag
W/"1e4e4658c5275d7791c054762b4a3b6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
RQJ0554ppdAEnNp1wYSNlSjpTorU9EAnaB9zAE9A0VLtiCLSZiUIkw==
jquery-2.2.0.min.js
code.jquery.com/ Frame 9C45
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 20:03:15 GMT
server
nginx
etag
W/"56901603-14e55"
vary
Accept-Encoding
x-hw
1617194553.dop133.fr8.t,1617194553.cds214.fr8.hn,1617194553.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
0.1.1.js
cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/js/ Frame 9C45
12 KB
3 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/js/0.1.1.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e202c3c23ac2e8ebd64a4f47a319a0ff7c943194278e4a4515be6297bb6d179f

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 04:32:36 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:57 GMT
server
AmazonS3
age
5299798
etag
W/"d7ff58271789db3e6d4e46cbd3b5bc4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
FwaGeDyDw5wNLYbsSu_2xpghgf3yoZZJtMQYDslCsxJGr97_iran1Q==
helpers.js
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 9C45
11 KB
4 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/helpers.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5d94d439e6670182f082e45bbbc8ed71d707637b3b7253d6945ca7c852331f2

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 15:53:31 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 15:50:27 GMT
server
AmazonS3
age
4913343
etag
W/"1440147a42e3000dc6f8bdfbbe9db58c"
vary
Accept-Encoding
x-amz-meta-cache-control
max-age=0,s-maxage=86400
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=0,s-maxage=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
thydn6kOyjTZ7SVzpxKhMq3oFT--csoJ1TyMg4DGc5ETj5uuvGdepQ==
analytics.js
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame 9C45
23 B
349 B
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/analytics.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc.html?i=1&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=c4a6b1d4-1272-42f3-adf2-1f06b80fc9dc&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
497379f191fc1c99b86b108e2cd67ce1bda71b964b4ec1e7dc9f4945c5cc43c5

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 01:36:48 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 15 Dec 2020 12:57:10 GMT
server
AmazonS3
age
4359946
etag
"1186e5b12d7897470531cbdfe91413ea"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
23
x-amz-cf-id
2Z2HlLRVkgy_W66Jgu5f-LXeceAclxE7qdFIFEgLIoHOnsduGIxQZA==
css
fonts.googleapis.com/ Frame 0764
5 KB
741 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,500,600|Libre+Baskerville:400
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55a74d1e02c6dd11a8c11e109e50c4668ddc390b1ebcc37ef4c8df158cf564cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 12:42:33 GMT
server
ESF
date
Wed, 31 Mar 2021 12:42:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Mar 2021 12:42:33 GMT
site-logo.svg
images.barnebys.com/site/images/ Frame 0764
6 KB
3 KB
Image
General
Full URL
https://images.barnebys.com/site/images/site-logo.svg
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
317b349e3e6b74ab027fb02d3bd13e529c65d9ddfdb5e7d4125ccd5c49ca41f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4230153
x-cache
MISS, HIT, HIT
x-imgix-id
3375a9369fcd64b8ec0ad9174e795477df0e0f38
fastly-restarts
1
x-served-by
cache-sjc10021-SJC, cache-sjc10063-SJC, cache-hhn4042-HHN
accept-ranges
bytes
last-modified
Thu, 23 May 2019 13:01:11 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
2551
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48271a_lg.jpeg
barnebys.imgix.net/ Frame 0764
15 KB
15 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48271a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=1e79fcf7950f38d40f5149c87bc1a112
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a3c60313ae4c1d3565ce0cb407e797f5fec73351f5a3e0252966405161bc17e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 15:05:48 GMT
server
imgix
age
1028205
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
d3b562230e64f07e54ae7ec711b55fd9fba427fd
accept-ranges
bytes
content-length
15666
x-served-by
cache-sjc10058-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48448a_lg.jpeg
barnebys.imgix.net/ Frame 0764
8 KB
8 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48448a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=9a3f0f0a38b44eb65abf97cfebcf5d9c
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
d2ef4f6a307251490c09af3046a2ca7b06ebae5d6585c9d688413e568e217f17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 11:37:45 GMT
server
imgix
age
1299888
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
cbfea4e268944e824da7be6fd714b502f9329f19
accept-ranges
bytes
content-length
8122
x-served-by
cache-sjc10075-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48153a_lg.jpeg
barnebys.imgix.net/ Frame 0764
5 KB
5 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48153a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=238124d1e544e87d0079aacd3b85c212
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bea26b1a955f5324ed40ef1dfea84bdf250897e9b2c8624ab9c158e1fbcfa2dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 07:10:20 GMT
server
imgix
age
1315933
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
53626a43d3ced02a67be320826527c916092e9e8
accept-ranges
bytes
content-length
5476
x-served-by
cache-sjc10029-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48305a_lg.jpeg
barnebys.imgix.net/ Frame 0764
19 KB
20 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48305a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=8493974c9b3ed70c9b6fd1a00f24a84f
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
74787b3b939b28ee3b2221753a65cba0de28e0f3804597e4b75fe5c7cfd7c6c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 01:12:50 GMT
server
imgix
age
473383
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
52c8c8cb265f0593b459e8ce8bcc66437121233a
accept-ranges
bytes
content-length
19936
x-served-by
cache-sjc10038-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48404a_lg.jpeg
barnebys.imgix.net/ Frame 0764
17 KB
17 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48404a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=8653c5121060a7141efcc01cb4f4a459
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5bfee6ffd01f588b0018ada70b464056882c941460f558ec0598233015e89ee3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 12:05:18 GMT
server
imgix
age
1298235
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
4482e93cdbe715a0df397cbf37c22bceb97a53cc
accept-ranges
bytes
content-length
17264
x-served-by
cache-sjc10023-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48408a_lg.jpeg
barnebys.imgix.net/ Frame 0764
18 KB
18 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48408a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=bbd3c5f9f1faa570dfa01d32787c454f
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
61c56e3fd85ee52e9fbac670b4c078e68395e2afce05f017b38a9d03e14cd80b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 01:12:50 GMT
server
imgix
age
473383
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
71e8a9f370bcc15c9e25159b72d8ad11c5d5c62b
accept-ranges
bytes
content-length
18762
x-served-by
cache-sjc10060-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48327a_lg.jpeg
barnebys.imgix.net/ Frame 0764
15 KB
15 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48327a_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=f57083811a149cb5c14b5f25eb061670
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3f8807ffe646fe020798a08b93e765edfe6c8cedfe53d2efa7dcb1745aeb29df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 04:00:21 GMT
server
imgix
age
1327331
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
680eab5735567c5ba2a2f600204493f2134bf658
accept-ranges
bytes
content-length
15346
x-served-by
cache-sjc10055-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48161e1_lg.jpeg
barnebys.imgix.net/ Frame 0764
8 KB
8 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcatalog.scpauctions.com%2FItemImages%2F000048%2F48161e1_lg.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=ae958ab5cbc7c5801d0ec8f93aa35f0a
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
6628cd8277486f26d204fd35f6f688c157eba88131e4f4b27b8a9970368f0898
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 11:15:48 GMT
server
imgix
age
1214806
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
f4ef6158037d337a0fc190b1f96700e6c5d12b6c
accept-ranges
bytes
content-length
7978
x-served-by
cache-sjc10063-SJC, cache-hhn4067-HHN
https%3A%2F%2Fbid.candtauctions.co.uk%2Fimages%2Flot%2F7723%2F77232_0.jpg%3F1616711647
barnebys.imgix.net/ Frame 0764
10 KB
10 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fbid.candtauctions.co.uk%2Fimages%2Flot%2F7723%2F77232_0.jpg%3F1616711647?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=329df681275fae78ad0885e1222f963c
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
2debc3cae65362e3d68d12d5d55a318ee294bf0c6564a5473e796a591fd03f10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Mar 2021 23:40:43 GMT
server
imgix
age
306110
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
9652b83f4fda34cc5892522e56e8b060a948ec24
accept-ranges
bytes
content-length
9990
x-served-by
cache-sjc10055-SJC, cache-hhn4067-HHN
https%3A%2F%2Fp1.liveauctioneers.com%2F6279%2F198817%2F100494359_1_x.jpg
barnebys.imgix.net/ Frame 0764
16 KB
16 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fp1.liveauctioneers.com%2F6279%2F198817%2F100494359_1_x.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=c8c74d9b48690e5cd5a25446073f384a
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b26b962e5dac3e142936e1aa5a1c748080aa09ca90abe247507b2661e105cc1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Mar 2021 16:40:22 GMT
server
imgix
age
331331
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
072ddf8414a358eece43aaf94b66f888def031f7
accept-ranges
bytes
content-length
15944
x-served-by
cache-sjc10059-SJC, cache-hhn4067-HHN
https%3A%2F%2Fp1.liveauctioneers.com%2F6279%2F198817%2F100494392_1_x.jpg
barnebys.imgix.net/ Frame 0764
8 KB
8 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fp1.liveauctioneers.com%2F6279%2F198817%2F100494392_1_x.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=7871920239704b67ae5d063f9dc4e36a
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
fc56b66fec7c2d014e2b7f2688fed583946691a8c4043021ba571c7ea9609565
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Mar 2021 10:59:11 GMT
server
imgix
age
351802
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
961538ce04a26cb7d1fea531bd67fbe489481f3c
accept-ranges
bytes
content-length
8276
x-served-by
cache-sjc10081-SJC, cache-hhn4067-HHN
https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F11739%2F197371%2FFullDetail%2F333_1.jpg
barnebys.imgix.net/ Frame 0764
10 KB
10 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F11739%2F197371%2FFullDetail%2F333_1.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=ed77514381558149cf68bc08b0cd4855
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9fbd164b63bc0cc4d7991ef4bcead08cb17de014b17fd6f7191e5bc5fe4dd4f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Mar 2021 19:35:52 GMT
server
imgix
age
666401
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
c65241498492060b103d29a36b930d1847165a0b
accept-ranges
bytes
content-length
10404
x-served-by
cache-sjc10058-SJC, cache-hhn4067-HHN
https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F11739%2F197371%2FFullDetail%2F287_1.jpg
barnebys.imgix.net/ Frame 0764
8 KB
8 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F11739%2F197371%2FFullDetail%2F287_1.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=a052bd2580d523abeb56dd00ef9683e9
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
91b90ddbcb8cbdf254ba958a29068fa20102ca2aec83b09d9eb6e64e81f2eb4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Mar 2021 19:35:45 GMT
server
imgix
age
666408
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
1626f6896caa6e2cf905cff16be3c9b31561fa1f
accept-ranges
bytes
content-length
7820
x-served-by
cache-sjc10055-SJC, cache-hhn4067-HHN
https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F315796A_med.jpeg
barnebys.imgix.net/ Frame 0764
17 KB
17 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F315796A_med.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=581bf91714aa7bb4757f5c8c9fdcff6d
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a65ef7f24df455836a4a5abef14743fe86bad330077e80f52ae00684fee02716
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Mar 2021 02:26:37 GMT
server
imgix
age
900956
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
37e61666681ef6603df8d5d205ea168807e312e0
accept-ranges
bytes
content-length
17634
x-served-by
cache-sjc10023-SJC, cache-hhn4067-HHN
https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F320414A_med.jpeg
barnebys.imgix.net/ Frame 0764
10 KB
10 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F320414A_med.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=41f44ec23602d90948f388aece93eca0
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
315a8f8efe8f4d854f764b59fd59603dc986e90322e306ddff5c14fb1a24dd2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Mar 2021 07:53:37 GMT
server
imgix
age
881335
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
5b99d942ac4775ea9371a74b0c51692a8aab3673
accept-ranges
bytes
content-length
9872
x-served-by
cache-sjc10043-SJC, cache-hhn4067-HHN
https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F314070A_med.jpeg
barnebys.imgix.net/ Frame 0764
18 KB
18 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F314070A_med.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=d0b884d17e10a6452c4e33a0ba325ea6
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9202755bbc28f04b665c0530b16222d29068d3d7707ac8b18a0f9ce481916f20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Mar 2021 02:26:34 GMT
server
imgix
age
900959
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
41f835368cf168e26b34c966aac2d6158058cf02
accept-ranges
bytes
content-length
18796
x-served-by
cache-sjc10075-SJC, cache-hhn4067-HHN
https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F316128A_med.jpeg
barnebys.imgix.net/ Frame 0764
30 KB
30 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F316128A_med.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=628af75ea27a61a307a6608808a5d701
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
608a584386bc8e9d68dc278d92cfd8c6efdd7d36de29161e50d8bfd0cd33d1a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Mar 2021 11:27:12 GMT
server
imgix
age
868521
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
9a65f009cab1e468db5caa66ba945f69e114304a
accept-ranges
bytes
content-length
30864
x-served-by
cache-sjc10065-SJC, cache-hhn4067-HHN
https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F318059A_med.jpeg
barnebys.imgix.net/ Frame 0764
12 KB
13 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fchait.com%2FItemImages%2F000321%2F318059A_med.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=66408cc4e14ecae7df1f458d054b3064
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
67034834a28d523c920d060d4a42d9fb3e291d81e0a6adec19589213e78f3f26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 21 Mar 2021 02:31:53 GMT
server
imgix
age
900640
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
ec53da89c8dfc0ff5b88b1112933960194b5dee2
accept-ranges
bytes
content-length
12702
x-served-by
cache-sjc10050-SJC, cache-hhn4067-HHN
https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_a11ad1ae4d88480298b2db135fc6ccb1~mv2.jpg%2Fv1%2Ffill%2Fw_3066%252Ch_2598%252Cfp_0.50_0.50%252Cq_90%2F28256a_a11ad1ae4d88480298b2db135fc6ccb1~mv2.jpg
barnebys.imgix.net/ Frame 0764
11 KB
11 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_a11ad1ae4d88480298b2db135fc6ccb1~mv2.jpg%2Fv1%2Ffill%2Fw_3066%252Ch_2598%252Cfp_0.50_0.50%252Cq_90%2F28256a_a11ad1ae4d88480298b2db135fc6ccb1~mv2.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=d46b0a1273579cc6a1eba0a483075f71
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
6c0ebe06afb96c7dc3fd83c26b9ace3b7ab62104ff27049787c6ef32023e67c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 09:31:51 GMT
server
imgix
age
443442
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
7d5f8587a10744339a4b274ddb1f03bf2f4d296f
accept-ranges
bytes
content-length
10994
x-served-by
cache-sjc10024-SJC, cache-hhn4067-HHN
https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_2ac98d5d002e491c8781a7c0b9e334f7~mv2.jpg%2Fv1%2Ffill%2Fw_1313%252Ch_1080%252Cfp_0.50_0.50%252Cq_90%2F28256a_2ac98d5d002e491c8781a7c0b9e334f7~mv2.jpg
barnebys.imgix.net/ Frame 0764
21 KB
21 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_2ac98d5d002e491c8781a7c0b9e334f7~mv2.jpg%2Fv1%2Ffill%2Fw_1313%252Ch_1080%252Cfp_0.50_0.50%252Cq_90%2F28256a_2ac98d5d002e491c8781a7c0b9e334f7~mv2.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=ba286213dc198563bc4361b4f0763e5e
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
7d5b3f49f726aefa4c8875e523e916c0bcd34492f68026dda1048434aac60763
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 09:31:50 GMT
server
imgix
age
443443
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
9fda34790f2933dd56276fa32f4c9026a68045ca
accept-ranges
bytes
content-length
21370
x-served-by
cache-sjc10083-SJC, cache-hhn4067-HHN
https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_baf689fce319498e9dbd58f44504ca89~mv2.jpeg%2Fv1%2Ffill%2Fw_772%252Ch_632%252Cfp_0.50_0.50%252Cq_90%2F28256a_baf689fce319498e9dbd58f44504ca89~mv2.jpeg
barnebys.imgix.net/ Frame 0764
27 KB
27 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_baf689fce319498e9dbd58f44504ca89~mv2.jpeg%2Fv1%2Ffill%2Fw_772%252Ch_632%252Cfp_0.50_0.50%252Cq_90%2F28256a_baf689fce319498e9dbd58f44504ca89~mv2.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=472fa65abef61ba638ffab191a663c4f
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
acc862667cd47cf426ffb93b0f07c7f7039126c5a1a9057b06fd4f82054cfaf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 09:31:49 GMT
server
imgix
age
443443
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
5982a44174849c316d0f4b2a0df6a97061a156ec
accept-ranges
bytes
content-length
27842
x-served-by
cache-sjc10059-SJC, cache-hhn4067-HHN
https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_ff7a887acec54ca1b2aabbd69245b26a~mv2.jpg%2Fv1%2Ffill%2Fw_5356%252Ch_4668%252Cfp_0.50_0.50%252Cq_90%2F28256a_ff7a887acec54ca1b2aabbd69245b26a~mv2.jpg
barnebys.imgix.net/ Frame 0764
24 KB
24 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_ff7a887acec54ca1b2aabbd69245b26a~mv2.jpg%2Fv1%2Ffill%2Fw_5356%252Ch_4668%252Cfp_0.50_0.50%252Cq_90%2F28256a_ff7a887acec54ca1b2aabbd69245b26a~mv2.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=21807cb61608e5972e62b57334b326e4
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
901a236b39e67a768b67abd96f39b944b85ea38f42fae1739a5c1f355c0a2f8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 09:31:52 GMT
server
imgix
age
443441
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
c49149e7970b99d3176aea85c15e09f7e1e242dd
accept-ranges
bytes
content-length
24642
x-served-by
cache-sjc10040-SJC, cache-hhn4067-HHN
https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_af34cf239511437cbd9de30ec1cf513e~mv2.jpeg%2Fv1%2Ffill%2Fw_588%252Ch_1080%252Cfp_0.50_0.50%252Cq_90%2F28256a_af34cf239511437cbd9de30ec1cf513e~mv2....
barnebys.imgix.net/ Frame 0764
20 KB
20 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_af34cf239511437cbd9de30ec1cf513e~mv2.jpeg%2Fv1%2Ffill%2Fw_588%252Ch_1080%252Cfp_0.50_0.50%252Cq_90%2F28256a_af34cf239511437cbd9de30ec1cf513e~mv2.jpeg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=b5c495ba45e9f1049bb2debe03cae929
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4bbdb5662e9696112a753f6056b18b69fbafd6c58e0c0cf11ef234a62a644b06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 09:31:49 GMT
server
imgix
age
443443
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
f2cc2874a4b39d04083a3ca073e16aa5f5625601
accept-ranges
bytes
content-length
20130
x-served-by
cache-sjc10060-SJC, cache-hhn4067-HHN
https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_b276203bef3c405ea8d526dc493d435f~mv2.jpg%2Fv1%2Ffill%2Fw_2599%252Ch_1945%252Cfp_0.50_0.50%252Cq_90%2F28256a_b276203bef3c405ea8d526dc493d435f~mv2.jpg
barnebys.imgix.net/ Frame 0764
29 KB
29 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fstatic.wixstatic.com%2Fmedia%2F28256a_b276203bef3c405ea8d526dc493d435f~mv2.jpg%2Fv1%2Ffill%2Fw_2599%252Ch_1945%252Cfp_0.50_0.50%252Cq_90%2F28256a_b276203bef3c405ea8d526dc493d435f~mv2.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=cb44b3513d998892f23ccad9a6b8e2e2
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8a50aee7a0f243cdd2d6d2490bf584fb0134f1812894258b1d343decc90a9a4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 09:31:50 GMT
server
imgix
age
443444
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
29baf7ee2b28a3fc4db973ba6c7a53970ad7f2aa
accept-ranges
bytes
content-length
29388
x-served-by
cache-sjc10079-SJC, cache-hhn4067-HHN
https%3A%2F%2Fimage.invaluable.com%2FhousePhotos%2Fbradfordsauction%2F44%2F697144%2FH22021-L247877027.jpg
barnebys.imgix.net/ Frame 0764
20 KB
20 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fimage.invaluable.com%2FhousePhotos%2Fbradfordsauction%2F44%2F697144%2FH22021-L247877027.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=414d3e46dc9539fd8f060788dd6632a0
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
90fe59af0e407d23de8b58c8245dc3af9ae6c718fc979f2dc409320e3fe8c008
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 17:20:09 GMT
server
imgix
age
69743
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
ce90395d61ba62ef34b095b7c666ccd878267ffd
accept-ranges
bytes
content-length
20638
x-served-by
cache-sjc10055-SJC, cache-hhn4067-HHN
https%3A%2F%2Fimage.invaluable.com%2FhousePhotos%2Fbradfordsauction%2F44%2F697144%2FH22021-L247880194.jpg
barnebys.imgix.net/ Frame 0764
11 KB
11 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fimage.invaluable.com%2FhousePhotos%2Fbradfordsauction%2F44%2F697144%2FH22021-L247880194.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=297bb6ed4115b30f093ce205b07a0bc2
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
10304d659266c950907f4123b29713413bbd39c7b426b8f4a5ba670788507afe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 08:00:38 GMT
server
imgix
age
103315
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
811a0df581b269fddafd9ef3135a66fa71dbc40b
accept-ranges
bytes
content-length
11316
x-served-by
cache-sjc10061-SJC, cache-hhn4067-HHN
https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F993%2F197739%2FFullDetail%2F380-1.jpg
barnebys.imgix.net/ Frame 0764
7 KB
7 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F993%2F197739%2FFullDetail%2F380-1.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=78c79792da99a700584b1b53e1f497fa
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
023aa4acbd9a548a89cb046b761602d76f4693eda10b6e920641cdb34d4c18ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 06:26:00 GMT
server
imgix
age
22593
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
306c0d0ff7b1ad8235051e663cd00dafd5c26029
accept-ranges
bytes
content-length
7004
x-served-by
cache-sjc10053-SJC, cache-hhn4067-HHN
https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F993%2F197739%2FFullDetail%2F264-1.jpg
barnebys.imgix.net/ Frame 0764
21 KB
21 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fimages.proxibid.com%2FAuctionImages%2F993%2F197739%2FFullDetail%2F264-1.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=0b9414bdb2667ff62ca302d2872d0ff5
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
bdc01628d140ab47211795eac916f85c71c4114eae0e5dc6517064dd73cdb233
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 10:37:30 GMT
server
imgix
age
7502
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
dddc366f1a962d33805f0d23b394778c4b2cb7b0
accept-ranges
bytes
content-length
21436
x-served-by
cache-sjc10058-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcdn.globalauctionplatform.com%2F4560d277-e760-4ddf-9b8d-acf500a8ebc9%2Fac115b68-6c6c-4a03-a93f-acf500b3cef0%2Foriginal.jpg
barnebys.imgix.net/ Frame 0764
6 KB
6 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcdn.globalauctionplatform.com%2F4560d277-e760-4ddf-9b8d-acf500a8ebc9%2Fac115b68-6c6c-4a03-a93f-acf500b3cef0%2Foriginal.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=379d7db043ac9c81d0d2998af6b9607f
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
75a87762b324173bf0eccc7db69c6f23c18fd294b86d43dae358ee3c68f17f60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Mar 2021 13:11:43 GMT
server
imgix
age
343850
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
124a4d8a624a380ea2a3e938e0c6bcc35e89a598
accept-ranges
bytes
content-length
6204
x-served-by
cache-sjc10054-SJC, cache-hhn4067-HHN
https%3A%2F%2Fcdn.globalauctionplatform.com%2F4560d277-e760-4ddf-9b8d-acf500a8ebc9%2F642ede2d-9db9-4353-856e-acf500b4c1d4%2Foriginal.jpg
barnebys.imgix.net/ Frame 0764
15 KB
15 KB
Image
General
Full URL
https://barnebys.imgix.net/https%3A%2F%2Fcdn.globalauctionplatform.com%2F4560d277-e760-4ddf-9b8d-acf500a8ebc9%2F642ede2d-9db9-4353-856e-acf500b4c1d4%2Foriginal.jpg?w=320&h=320&auto=format%2Ccompress&cs=tinysrgb&fit=crop&trim=auto&crop=center&ixlib=js-1.2.0&s=f4418009f3416e251fd4312954a35df6
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
95c1d28f03c48c49e64ccc3ef9a6fe58ed24739228ff192b85a042ef98de501c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
last-modified
Sat, 27 Mar 2021 10:19:36 GMT
server
imgix
age
354176
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
991949d775b954b30bd263f2b660e6f0b8ab350f
accept-ranges
bytes
content-length
15168
x-served-by
cache-sjc10056-SJC, cache-hhn4067-HHN
_buildManifest.js
widgethost.barnebys.com/_next/static/XuJxONewz2IzcD7TPtmRv/ Frame 0764
357 B
515 B
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/XuJxONewz2IzcD7TPtmRv/_buildManifest.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
44785a95b46b4fd582c81b0acddac2d145843f7df929a389cb3711dd90c8534f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
server
Vercel
age
4379
x-vercel-id
cdg1::8ggt8-1617194553392-2d8cd1e2ae3e
etag
W/"44785a95b46b4fd582c81b0acddac2d145843f7df929a389cb3711dd90c8534f"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
accept-ranges
bytes
x-vercel-cache
HIT
content-length
357
_ssgManifest.js
widgethost.barnebys.com/_next/static/XuJxONewz2IzcD7TPtmRv/ Frame 0764
76 B
233 B
Script
General
Full URL
https://widgethost.barnebys.com/_next/static/XuJxONewz2IzcD7TPtmRv/_ssgManifest.js
Requested by
Host: widgethost.barnebys.com
URL: https://widgethost.barnebys.com/widgets/28/?w=300&h=460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/widgets/28/?w=300&h=460
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
server
Vercel
age
7475
x-vercel-id
cdg1::8ggt8-1617194553392-eb85756ec6a2
etag
W/"653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
x-vercel-cache
HIT
content-length
76
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 01 Apr 2021 12:42:33 GMT
Matt-cartoon-255x206px-small.png
www.telegraph.co.uk/content/dam/generic/
5 KB
5 KB
Image
General
Full URL
https://www.telegraph.co.uk/content/dam/generic/Matt-cartoon-255x206px-small.png?adCount=1
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c651e10b8f905e2fcf5d4969b88ae86cc2a5c247a67ddc36bd1ae3efc6e47067

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
x-check-cacheable
YES
server
Akamai Image Manager
etag
"58b1-55ac2236c2b00"
x-serial
1944
vary
Accept-Encoding
content-type
image/webp
cache-control
no-transform, max-age=31536000
last-modified
Wed, 12 Feb 2020 19:04:14 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5309
296X1634315.skimlinks.js
s.skimresources.com/js/
35 KB
14 KB
Script
General
Full URL
https://s.skimresources.com/js/296X1634315.skimlinks.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67ccdaaa1b11ac347f2fe09d212b53045e7ea811c90b62c572e19bd89d2d263c

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 12:07:51 GMT
server
AmazonS3
x-amz-request-id
C6KJ709K8S34X4ZB
etag
"d9727a05b869d2328e7c96e36e1fca20"
x-hw
1617194553.cds015.fr8.hn,1617194553.cds248.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13684
x-amz-id-2
ny6mw9J+jC08URiSAeLka76mO0b5Yizpnr49MQ936MAourtiXOeoU9dVttFVOdsrUccNtuQm2Pk=
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
1646
date
Wed, 31 Mar 2021 12:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 31 Mar 2021 14:15:07 GMT
chartbeat_video.js
static.chartbeat.com/js/
69 KB
23 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:cc00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bd2cd10f7fef068f139f497066a7565849b33e3d7b53ef32136a8a43665c98c4

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 18:13:56 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 00:12:56 GMT
server
nginx
age
66517
etag
W/"605bd588-11370"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
I9axoz-lMOwGo72oaLNVoWDzXzHor_mIA-BDRBelJl517p69NaKq8A==
expires
Wed, 31 Mar 2021 18:13:55 GMT
rumtag.js
www.telegraph.co.uk/rumtag/
23 KB
8 KB
Script
General
Full URL
https://www.telegraph.co.uk/rumtag/rumtag.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e58203a1b61504d22706134aaefd68ca88c2e7969ffe21b6910189e2bdeed312

Request headers

Referer
https://www.telegraph.co.uk/technology/0/ransomware-does-work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1617117460
x-guploader-uploadid
ABg5-UzlmKPbG7k9Ky1GabV8t6tMxGVaxEZBpE2memF2WquYupUd-VLsJfx2gNL0smi8o95WAvdmABpPjXs8V6EqPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7575
last-modified
Tue, 30 Mar 2021 15:18:15 GMT
server
UploadServer
etag
"613711bdaf266e4381587ee66980f7b1"
vary
Accept-Encoding
x-goog-hash
crc32c=M/IXGw==, md5=YTcRva8mbkOBWH7maYD3sQ==
x-goog-generation
1617117495535730
cache-control
public, max-age=41
x-goog-stored-content-length
23983
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 31 Mar 2021 12:43:14 GMT
door.js
uk-script.dotmetrics.net/
7 KB
3 KB
Script
General
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.telegraph.co.uk&t=technology
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-55.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
5f663639b4106113b8c44f38b4cf406e0294b9d28c4978fb3dd7221a17d71639

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
FRA6-C1
etag
".www.telegraph.co.uk.technology.176.2021033112"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
NGm1FiW-62--cZEY_kxuZIiSlVcjFQux9kuJbd-m8dqQCzl_VoPvaA==
pixel
amplifypixel.outbrain.com/
43 B
256 B
Image
General
Full URL
https://amplifypixel.outbrain.com/pixel?mid=00eaf20a66cd025f190318edba18d8089b
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Cache-Control
no-cache
X-TraceId
9f804551bbf817546bde1e4c504edc75
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
558cc625-46d0-46ed-84ff-ad77b9595fdf
https://www.telegraph.co.uk/
17 KB
0
Other
General
Full URL
blob:https://www.telegraph.co.uk/558cc625-46d0-46ed-84ff-ad77b9595fdf
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66f25c873dbd0db61620329804564bf39613d18bc7797da99dd6bf57bf18955c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
model
query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/
2 KB
1 KB
XHR
General
Full URL
https://query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/model?ct=What+is+WannaCry++and+how+does+ransomware+work%3F&ccu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tspl=2049&ist=2031&iet=2042&bdst=1571&bdet=1714&bcttt=19&ts=1617194553491&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&uid=9067b434-1ec7-418c-c92a-c42e84a7335c&sid=da1a5b4f-a375-4eb4-94e0-e04a119b3e5f&pvid=c9539b6f-8d65-465b-b1c5-199256eae64c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&tzo=-120&userStatus=anonymous&f=%5B%22url%22%2C%22author%22%2C%22title%22%2C%22rank%22%2C%22thumbnail%22%5D&arf=%5B%5D&fetchInfo=%7B%22li-recommendation-widget%22%3A5%7D&fetchIndex=1&tryIndex=1&max=5&w=li-recommendation-widget&sdk=bc-xhr-get
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
4e3f936997d7dd15d74a03cdab3402ad7347310b4ce131d87805f2181bb1cb70

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
server
openresty/1.13.6.2
content-type
application/json
access-control-allow-origin
https://www.telegraph.co.uk
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
__inventory.gif
query.petametrics.com/v1/
35 B
140 B
Image
General
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1617194553480&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&item=%7B%22content_tier%22%3A%5B%22locked%22%5D%2C%22opinion%22%3A%5B%22false%22%5D%2C%22title%22%3A%5B%22What%20is%20WannaCry%20%20and%20how%20does%20ransomware%20work%3F%22%5D%2C%22description%22%3A%5B%22A%20global%20cyber%20attack%20has%20been%20underway%20since%20Friday%2C%20affecting%20more%20than%20200%2C000%20organisations%20in%20150%20countries.%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22site_name%22%3A%5B%22The%20Telegraph%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fwww.telegraph.co.uk%2Fcontent%2Fdam%2Fvideo_previews%2Fc%2F5%2Fc5dde3yje68hnihsgofu0hlygdtwwrx7.jpg%3Fimpolicy%3Dlogo-overlay%22%5D%2C%22pageType%22%3A%5B%22video%22%5D%2C%22businessSegment%22%3A%5B%22technology%22%5D%2C%22channel%22%3A%5B%22technology%22%5D%2C%22keywords%22%3A%5B%22Standard%22%2C%22NHS%22%2C%22Cyber%20attacks%22%2C%22Apps%22%2C%22Phishing%22%2C%22Internet%20security%22%2C%22Bitcoin%22%2C%22Cyber%20defence%22%2C%22Registration%20Wall%20Content%22%2C%22Technology%22%2C%22Technology%20Editor%27s%20Choice%22%2C%22Portal%22%2C%22Block%20from%20video%20hub%22%5D%2C%22premiumState%22%3A%5B%22true%22%5D%2C%22displayDate%22%3A%5B%222017-05-12%2017%3A11%22%5D%2C%22published_time%22%3A%5B%222017-05-18T08%3A11%2B0100%22%5D%2C%22wordCounts%22%3A%5B%22870%22%5D%7D
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/
35 B
96 B
Image
General
Full URL
https://query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/__activity.gif?e=pageview&ct=What+is+WannaCry++and+how+does+ransomware+work%3F&ccu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tspl=2048&ist=2031&iet=2042&bdst=1571&bdet=1714&bcttt=13&ts=1617194553489&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&uid=9067b434-1ec7-418c-c92a-c42e84a7335c&sid=da1a5b4f-a375-4eb4-94e0-e04a119b3e5f&pvid=c9539b6f-8d65-465b-b1c5-199256eae64c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&tzo=-120&userStatus=anonymous&sdk=bc-pixel
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Mar 2021 12:42:33 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
jquery-2.2.0.min.js
code.jquery.com/ Frame DB97
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 20:03:15 GMT
server
nginx
etag
W/"56901603-14e55"
vary
Accept-Encoding
x-hw
1617194553.dop133.fr8.t,1617194553.cds214.fr8.hn,1617194553.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
0.1.1.js
cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/js/ Frame DB97
12 KB
3 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/breakout-box/public-assets/js/0.1.1.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e202c3c23ac2e8ebd64a4f47a319a0ff7c943194278e4a4515be6297bb6d179f

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 04:32:36 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:15:57 GMT
server
AmazonS3
age
5299798
etag
W/"d7ff58271789db3e6d4e46cbd3b5bc4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
5xfmjacXFY3eX3nIfPzR8YvloviWFzJzOmcUFqV1diN-Y3pFhG3DrQ==
helpers.js
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame DB97
11 KB
4 KB
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/helpers.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5d94d439e6670182f082e45bbbc8ed71d707637b3b7253d6945ca7c852331f2

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 15:53:31 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 15:50:27 GMT
server
AmazonS3
age
4913343
etag
W/"1440147a42e3000dc6f8bdfbbe9db58c"
vary
Accept-Encoding
x-amz-meta-cache-control
max-age=0,s-maxage=86400
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=0,s-maxage=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
9enKIeZdY-ZVKax3ZH90e-xneZNAdiKTM2lJjmevM6nEtWSBnheWlg==
analytics.js
cf.eip.telegraph.co.uk/particle-CMS/particles/ Frame DB97
23 B
349 B
Script
General
Full URL
https://cf.eip.telegraph.co.uk/particle-CMS/particles/analytics.js
Requested by
Host: cf-particle-html.eip.telegraph.co.uk
URL: https://cf-particle-html.eip.telegraph.co.uk/5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2.html?i=2&ref=www.telegraph.co.uk/technology/0/ransomware-does-work/&channel=technology&id=5d083e0e-8c16-4561-b2d4-8ea8e39a4ac2&isapp=false&isregistered=false&issubscribed=false&truncated=false&lt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
497379f191fc1c99b86b108e2cd67ce1bda71b964b4ec1e7dc9f4945c5cc43c5

Request headers

Referer
https://cf-particle-html.eip.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 01:36:48 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 15 Dec 2020 12:57:10 GMT
server
AmazonS3
age
4359946
etag
"1186e5b12d7897470531cbdfe91413ea"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
23
x-amz-cf-id
6Bl6zdbHdpKIFdvrxlgmM8PrzSmoUwcUo6CfmRtYwb6X8xae8rckYw==
Austin%20News%20Deck%20Web-Semibold.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame 8A71
42 KB
43 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Deck%20Web-Semibold.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee197417aefc3d92a3f5d06f1ef46a0bbbc362674e226373ebe4e9a4269d5880

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 20:54:58 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7660056
x-cache
Hit from cloudfront
content-length
43468
last-modified
Wed, 20 May 2020 14:52:38 GMT
server
AmazonS3
etag
"62c4de1df13dcb939c8058b677df2cad"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
x7EGtVpU3EvWRh6wFFnUO8RsFjYTWsB3c92cwQntzDl_Cdc3wLk9kw==
Austin%20News%20Text%20Web-Semibold.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame 8A71
25 KB
25 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Text%20Web-Semibold.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c783825f2f362ae3beae6eba44895610045a39fef497346226ffc8fa54c7290

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 08:20:05 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
4508549
x-cache
Hit from cloudfront
content-length
25368
last-modified
Wed, 20 May 2020 14:52:37 GMT
server
AmazonS3
etag
"2e6cce4b487eed9f4df9bdbab6cd345e"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
1bSjlOYe44UZbSPnjZ2GXsV72UF8lbTxo2hGy7b1SVKjaHi_9KfMLg==
Austin%20News%20Text%20Web-Roman.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame 8A71
24 KB
25 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Text%20Web-Roman.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9f9c7fcce0dc58d5324b37157ac86486d22284f8643d972e7edf356ca326f27

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 07:13:40 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
4426134
x-cache
Hit from cloudfront
content-length
24824
last-modified
Wed, 20 May 2020 14:52:38 GMT
server
AmazonS3
etag
"ef40dd7cb5acffe1ce3ee9a0b91a78d5"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
OxpkKU6qugcNX6lPONDvB3ou_GIoFZWxRChhdh7uaOCnMhD9ERO6qQ==
Austin%20News%20Deck%20Web-Semibold.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame DB97
42 KB
43 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Deck%20Web-Semibold.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee197417aefc3d92a3f5d06f1ef46a0bbbc362674e226373ebe4e9a4269d5880

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 02:05:46 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3580608
x-cache
Hit from cloudfront
content-length
43468
last-modified
Wed, 20 May 2020 14:52:38 GMT
server
AmazonS3
etag
"62c4de1df13dcb939c8058b677df2cad"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
Zee6tf-_98crdgGnDTYgwEvrir7IFwLSr7bE332lBNTqTL8MrcFmNQ==
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ Frame 0764
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,500,600|Libre+Baskerville:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://widgethost.barnebys.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 06:34:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
age
367671
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47272
x-xss-protection
0
expires
Sun, 27 Mar 2022 06:34:42 GMT
id
dpm.demdex.net/
2 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=2C7336C753C676BA0A490D4B%40AdobeOrg&d_nsid=0&d_mid=22189525394895984890470677963254177433&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1617194553677
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1fd189ec6dc0ed088b4e2c20ab90bf76534c5b9a6ff56f729ff6061b424e9c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v090-09c796a99.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
qIEOzp60SCE=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.telegraph.co.uk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
809
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s09131270929264
smetrics.telegraph.co.uk/b/ss/tmgtmgescenicprod/10/JS-2.5.0-LBQ1/
3 B
439 B
XHR
General
Full URL
https://smetrics.telegraph.co.uk/b/ss/tmgtmgescenicprod/10/JS-2.5.0-LBQ1/s09131270929264
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Mar 2021 12:42:33 GMT
x-content-type-options
nosniff
x-c
main-1451.Ibee288.M0-486
p3p
CP="This is not a P3P policy"
vary
*
content-length
3
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 01 Apr 2021 12:42:33 GMT
server
jag
xserver
anedge-fd4497967-dq9rf
etag
3472898859971837952-4621886870885299339
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Tue, 30 Mar 2021 12:42:33 GMT
Austin%20News%20Deck%20Web-Semibold.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame 9C45
42 KB
43 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Deck%20Web-Semibold.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee197417aefc3d92a3f5d06f1ef46a0bbbc362674e226373ebe4e9a4269d5880

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 02:05:46 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
3580608
x-cache
Hit from cloudfront
content-length
43468
last-modified
Wed, 20 May 2020 14:52:38 GMT
server
AmazonS3
etag
"62c4de1df13dcb939c8058b677df2cad"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
iDI4fFGao3IgNMsT4AS4mkiDFqfTutOVfLLlXdYtxAeHY2gupM4V7g==
Austin%20News%20Text%20Web-Roman.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame 9C45
24 KB
25 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Text%20Web-Roman.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9f9c7fcce0dc58d5324b37157ac86486d22284f8643d972e7edf356ca326f27

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 07:13:40 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
4426134
x-cache
Hit from cloudfront
content-length
24824
last-modified
Wed, 20 May 2020 14:52:38 GMT
server
AmazonS3
etag
"ef40dd7cb5acffe1ce3ee9a0b91a78d5"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
DiaVsp5CRWUZEZApiGltQTeEqTLOftByeeLN2dGp7MUqxDUqloCZpA==
truncated
/ Frame DB97
108 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c127088acbfa8bbf89acad6ea4b3dd2319ba42d0e9f9e64a4971d0f4425eff1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
Austin%20News%20Text%20Web-Roman.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame DB97
24 KB
25 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Austin%20News%20Text%20Web-Roman.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9f9c7fcce0dc58d5324b37157ac86486d22284f8643d972e7edf356ca326f27

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 07:13:40 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
4426134
x-cache
Hit from cloudfront
content-length
24824
last-modified
Wed, 20 May 2020 14:52:38 GMT
server
AmazonS3
etag
"ef40dd7cb5acffe1ce3ee9a0b91a78d5"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
iQ_6MBnFMzUmOimShdfXjyAUbIKrc-GC9xjeS74HGZLNg9AGeI9Z3A==
Telesans%20Text%20Web-Regular.woff2
cf.eip.telegraph.co.uk/assets/_fonts/ Frame DB97
51 KB
52 KB
Font
General
Full URL
https://cf.eip.telegraph.co.uk/assets/_fonts/Telesans%20Text%20Web-Regular.woff2
Requested by
Host: cf.eip.telegraph.co.uk
URL: https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-26.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cac535c498691b747ca460edcb3a6229b1142a565b864c2ac9ec91dd0721c0fb

Request headers

Origin
https://cf-particle-html.eip.telegraph.co.uk
Referer
https://cf.eip.telegraph.co.uk/assets/_css/fontsv02.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 19:54:44 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5158070
x-cache
Hit from cloudfront
content-length
52292
last-modified
Wed, 20 May 2020 14:52:43 GMT
server
AmazonS3
etag
"a35a161a266bbe66302af6b2720c1f68"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=22672259
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
txjnnk6heJpz6odWC1bN5k6480ST5gfOZgYCmMIFP-6ffnz22xWBnw==
config.json
c.go-mpulse.net/api/ Frame 9837
5 KB
2 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=GHENT-R5DY7-KAG4V-6EY7K-3RGVU&d=www.telegraph.co.uk&t=5390649&v=1.720.0&if=&sl=0&si=463288c8-10ca-4776-b361-369ce8a4ed17-qqu3av&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=148538
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GHENT-R5DY7-KAG4V-6EY7K-3RGVU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
822f724154a846c9fda943a5d27d0fbd978f9f9c444b811aae26af60341f433a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1539
prebid
ib.adnxs.com/ut/v3/
19 B
718 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.73:80
AN-X-Request-Uuid
19be30e6-9692-4109-a886-027e049e3faf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.telegraph.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/
24 B
527 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=323075&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224189041620bfad%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F%3Fsc%3Dtechnology-0%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0%22%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22552c54fe9244f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22323075%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2276974c54016b72%22%2C%22ext%22%3A%7B%22siteID%22%3A%22323075%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2287905f31797f51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22323078%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229bf22fd5ea7865%22%2C%22ext%22%3A%7B%22siteID%22%3A%22323078%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fe097b55ffc325b4d3eeb4ed7ccd305cf0931b182e80187715f4dcd195e23100

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.telegraph.co.uk
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Wed, 31 Mar 2021 12:42:34 GMT
arj
telegraph-d.openx.net/w/1.0/
172 B
561 B
XHR
General
Full URL
https://telegraph-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a840bdda-3118-4c67-bb9a-a3b7eea99956%2Ca884f1e5-ec13-4bf3-8a97-35f3d2eceebd&nocache=1617194553941&gdpr=0&x_gdpr_f=1&aus=970x250%2C728x90%7C300x250%2C300x600&divIds=advert_tmg_bbb-540231758%2Cadvert_tmg_mpu-540231756&auid=540231758%2C540231756
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.1 /
Resource Hash
4bdcac6e1108bb481c99ac98ebe6b6ff72ca43dcef5db84c491fe4e53dda998a

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
server
OXGW/16.205.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
349 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8560&site_id=226006&zone_id=1110734%3B1110740&size_id=2%3B15&alt_size_ids=57%3B10&p_pos=btf%3Batf&gdpr=0&rf=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tk_flint=pbjs_lite_v4.29.0&x_source.tid=68b2f9d6-81c4-44c5-960c-65246b9675df%3B68fc1bd1-0b84-4ece-8e04-a4880a8324a8&p_screen_res=1600x1200&rp_secure=1&slots=2&rand=0.1409235212084634
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8428f70596d16b25d5914602449c5b0592cf8ffa296974f3ba4fa42f21ab718f

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.telegraph.co.uk
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
349
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
elb.the-ozone-project.com/openrtb2/
10 KB
10 KB
XHR
General
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
be4498060bce703dd1cf670e33f2a5c5e4c3e5a7c29063a8e2a149db93570a46

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
717 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid
5dd818c4-740a-4114-b02f-fcb6ef5788ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.telegraph.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
targeting.unrulymedia.com/
0
276 B
XHR
General
Full URL
https://targeting.unrulymedia.com/prebid
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.telegraph.co.uk
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
cdb
bidder.criteo.com/
0
149 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=32415008090
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:33 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bid-request
a.teads.tv/hb/
16 B
251 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 31 Mar 2021 12:42:34 GMT
pubads_impl_2021032202.js
securepubads.g.doubleclick.net/gpt/
286 KB
101 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Mar 2021 18:01:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102487
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:42:34 GMT
collect
www.google-analytics.com/j/
2 B
88 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=413935358&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&ul=en-us&de=UTF-8&dt=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=723840439&gjid=1012892703&cid=38788039.1617194554&tid=UA-7226372-1&_gid=1678097665.1617194554&_r=1&z=1952429791
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
__activity.gif
query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/
35 B
94 B
Image
General
Full URL
https://query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/__activity.gif?e=widget_response&ct=What+is+WannaCry++and+how+does+ransomware+work%3F&ccu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tspl=2667&ist=2031&iet=2042&bdst=1571&bdet=1714&bcttt=22&ts=1617194554108&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&uid=9067b434-1ec7-418c-c92a-c42e84a7335c&sid=da1a5b4f-a375-4eb4-94e0-e04a119b3e5f&pvid=c9539b6f-8d65-465b-b1c5-199256eae64c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&tzo=-120&fst=1617194553490&fstr=2048&pt=1&cl=613&w=li-recommendation-widget&source=LI&fetchIndex=1&tryIndex=1&vi=%5B%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F30%2Fbritains-deus-ex-machina-moment-european-economy-sinks-renewed%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F31%2Fdeliveroo-backers-lose-2bn-one-worst-market-debuts-record%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2021%2F03%2F31%2Feus-shameful-approach-putin-reveals-extreme-weakness-position%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2021%2F03%2F31%2Fwoman-claims-repeatedly-raped-epstein-ghislaine-maxwell-front%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F31%2Fcity-starting-give-eu%2F%22%5D&usedJS=10000000&totalJS=10000000&userStatus=anonymous&sdk=bc-pixel
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/
35 B
94 B
Image
General
Full URL
https://query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/__activity.gif?e=widget_shown&ct=What+is+WannaCry++and+how+does+ransomware+work%3F&ccu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tspl=2674&ist=2031&iet=2042&bdst=1571&bdet=1714&bcttt=24&ts=1617194554116&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&uid=9067b434-1ec7-418c-c92a-c42e84a7335c&sid=da1a5b4f-a375-4eb4-94e0-e04a119b3e5f&pvid=c9539b6f-8d65-465b-b1c5-199256eae64c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&tzo=-120&w=li-recommendation-widget&source=LI&pl=null&tr=null&st=2670&vi=%5B%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F30%2Fbritains-deus-ex-machina-moment-european-economy-sinks-renewed%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F31%2Fdeliveroo-backers-lose-2bn-one-worst-market-debuts-record%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2021%2F03%2F31%2Feus-shameful-approach-putin-reveals-extreme-weakness-position%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2021%2F03%2F31%2Fwoman-claims-repeatedly-raped-epstein-ghislaine-maxwell-front%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F31%2Fcity-starting-give-eu%2F%22%5D&userStatus=anonymous&sdk=bc-pixel
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
__activity.gif
query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/
35 B
94 B
Image
General
Full URL
https://query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/__activity.gif?e=widget_visible&ct=What+is+WannaCry++and+how+does+ransomware+work%3F&ccu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tspl=2686&ist=2031&iet=2042&bdst=1571&bdet=1714&bcttt=24&ts=1617194554128&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&uid=9067b434-1ec7-418c-c92a-c42e84a7335c&sid=da1a5b4f-a375-4eb4-94e0-e04a119b3e5f&pvid=c9539b6f-8d65-465b-b1c5-199256eae64c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&tzo=-120&w=li-recommendation-widget&source=LI&st=2670&tss=9&vi=%5B%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F30%2Fbritains-deus-ex-machina-moment-european-economy-sinks-renewed%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F31%2Fdeliveroo-backers-lose-2bn-one-worst-market-debuts-record%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2021%2F03%2F31%2Feus-shameful-approach-putin-reveals-extreme-weakness-position%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2021%2F03%2F31%2Fwoman-claims-repeatedly-raped-epstein-ghislaine-maxwell-front%2F%22%2C%22https%3A%2F%2Fwww.telegraph.co.uk%2Fbusiness%2F2021%2F03%2F31%2Fcity-starting-give-eu%2F%22%5D&userStatus=anonymous&sdk=bc-pixel
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=telegraph.co.uk&p=%2Ftechnology%2F0%2Fransomware-does-work%2F&u=DAmqLiuZ7nZDxrUVS&d=telegraph.co.uk&g=65595&g0=technology&g1=Cara%20%20McGoogan%3B%20James%20Titcomb%3B%20Charlotte%20Krol&n=1&f=00001&c=0&x=0&m=0&y=7891&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2732&_s=%7B%22mcvid%22%3A%2200000000000000000000000000000000000000%22%2C%22articleId%22%3A%22AnzWLH2WJGKk%22%7D&t=ChgL8gBYK79l_AUWaghqmVBAd_7t&V=125&i=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&tz=-120&_acct=anon&sn=1&sv=BQMA4L3n-yVBQlF41DnlHL5BzCPk0&sd=1&im=067b0fff&_
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.213.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-213-29.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035736&c3=&comscorekw=technology&ns__t=1617194554180&ns_c=UTF-8&cv=3.5&c8=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&c7=https%3A%2F%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035736&c3=&comscorekw=technology&ns__t=1617194554180&ns_c=UTF-8&cv=3.5&c8=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&c7=https%3A%2F%...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035736&c3=&comscorekw=technology&ns__t=1617194554180&ns_c=UTF-8&cv=3.5&c8=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&c7=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&c9=&cs_ak_ss=1
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035736&c3=&comscorekw=technology&ns__t=1617194554180&ns_c=UTF-8&cv=3.5&c8=What%20is%20WannaCry%20and%20how%20does%20ransomware%20work%3F&c7=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
robots.txt
t.skimresources.com/api/v2/ Frame 553E
0
102 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.32956970042614997
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
244 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=5.768339901335967
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=5.768339901335967
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/core/head.min.5-84--1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBB) /
Resource Hash
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
552
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29026
x-tw-cdn
VZ
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6BBB)
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
custom-metrics
tcf2.telegraph.co.uk/wrapper/metrics/v1/ Frame
0
0
Preflight
General
Full URL
https://tcf2.telegraph.co.uk/wrapper/metrics/v1/custom-metrics
Protocol
H2
Server
13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-114.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.telegraph.co.uk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
4
date
Wed, 31 Mar 2021 12:42:34 GMT
x-powered-by
Express
access-control-allow-origin
https://www.telegraph.co.uk
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
WbBtjGcEGPVrEegyTqD47CQ-1GHdfaZIipYyTsd5-VIRqW0DxOuAnw==
custom-metrics
tcf2.telegraph.co.uk/wrapper/metrics/v1/
2 B
0
Fetch
General
Full URL
https://tcf2.telegraph.co.uk/wrapper/metrics/v1/custom-metrics
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-114.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length
2
x-amz-cf-id
OE2r4H1u7qEPsVwL4pBxgArIEO8tWS4gtNlIxLJp-1wePYl1o8YLTg==
e8eaf546-a7b4-4d26-bc0a-3a71131d21c3-web.js
cdn.permutive.com/
0
0
Script
General
Full URL
https://cdn.permutive.com/e8eaf546-a7b4-4d26-bc0a-3a71131d21c3-web.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cx.cce.js
cdn.cxense.com/
22 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:298::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Feb 2021 15:28:34 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5903
Expires
Wed, 31 Mar 2021 13:42:34 GMT
execute
experience.tinypass.com/xbuilder/experience/
7 KB
3 KB
XHR
General
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=NJu5KnOFpu
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61a57024ca22ef4365e6db45215225c10b75005d83840e6b16159c65afa53d9e
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0929e7abd800002c36ff22d000000001
x-request-id
Cya3uqqpFrI
pragma
no-cache
wn
prod-exp-10-0-122-104
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6389a88c892e2c36-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/
153 B
309 B
Script
General
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=NJu5KnOFpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651fe540b140c022ca2d64f6af1a63961b9e3b85093136e5cc9322eb1f75206c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
210
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
cf-request-id
0929e7abdb00002c36c9a10000000001
x-request-id
C453uqqNjBN
pragma
wn
prod-dash-10-0-82-128
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript
server-time
0.006
cache-control
public, max-age=1200
cf-ray
6389a88c99342c36-FRA
expires
Wed, 31 Mar 2021 13:02:34 GMT
collect
stats.g.doubleclick.net/j/
4 B
91 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-7226372-1&cid=38788039.1617194554&jid=723840439&gjid=1012892703&_gid=1678097665.1617194554&_u=YEBAAEAAAAAAAC~&z=1320229811
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Mar 2021 12:42:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F244X51S74TECDGQSDXW30X3&persistence=1&checksum=92728489988f0a0d006f65e5345d3591084e6258d8a6f777af979a35d6bc3895
187 B
497 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01F244X51S74TECDGQSDXW30X3&persistence=1&checksum=92728489988f0a0d006f65e5345d3591084e6258d8a6f777af979a35d6bc3895
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
7b8b8110fb79949f45e9fdcda47c4e28040b2cd94dc809c9b013010e8acd6e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.telegraph.co.uk
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://www.telegraph.co.uk
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F244X51S74TECDGQSDXW30X3&persistence=1&checksum=92728489988f0a0d006f65e5345d3591084e6258d8a6f777af979a35d6bc3895
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
/
analytics.barnebys.sh/ Frame 0764
43 B
389 B
Image
General
Full URL
https://analytics.barnebys.sh/?p=a13&a=1&k=impression&s=963592047dc5c42985a7c7bec8ae2fb0
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://widgethost.barnebys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
server
Vercel
age
0
x-vercel-id
cdg1::sfo1::pvmrf-1617194554447-cf500f35a20e
x-vercel-cache
MISS
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
public, max-age=0
x-robots-tag
noindex
content-length
43
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-7226372-1&cid=38788039.1617194554&jid=723840439&_u=YEBAAEAAAAAAAC~&z=741710013
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-7226372-1&cid=38788039.1617194554&jid=723840439&_u=YEBAAEAAAAAAAC~&z=741710013
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 8C42
183 B
411 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=0370dd3978a8dd79e7e633993e5e68bb18ba8a6d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fwww.telegraph.co.uk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
116
date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 12:42:34 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f90ed6783b80b3ef2629868d17844d15
strict-transport-security
max-age=631138519
content-length
152
horizon_tweet.34340b4862062ad52a16974fec38ada0.js
platform.twitter.com/js/
6 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/horizon_tweet.34340b4862062ad52a16974fec38ada0.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B75) /
Resource Hash
62b338caf89fbe98a2df5026edefa2ed6c1bb4a46bb26f7cbcf2a3d95a51dc75

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 19:20:13 GMT
Server
ECS (amb/6B75)
Age
1785130
Etag
"e2b05de91f8c78f901db283e3e344817+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2201
/
loadm.exelator.com/load/ Frame 370D
0
324 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=22164234260906839360468712829451087008
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cx.js
cdn.cxense.com/
111 KB
27 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:298::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6abbfc0c748359e96f5356c294ba912944121092457f93c622b6a3190b1c3700

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 12:22:45 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26879
Expires
Wed, 31 Mar 2021 13:42:34 GMT
tick.svg
www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/img/
229 B
647 B
Image
General
Full URL
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels/_base/img/tick.svg
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.129.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-129-80.deploy.static.akamaitechnologies.com
Software
openresty/1.15.8.2 /
Resource Hash
7a6afde6bba3a64ba2ff3a786a29b19d19a0f411df7fb5b92e7651c3a5f9bc58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.telegraph.co.uk/etc/designs/telegraph/core/clientlibs/tmgchannels.min.5-83--0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2019 12:07:55 GMT
server
openresty/1.15.8.2
x-frame-options
SAMEORIGIN
etag
"e5-598dfa9b07ee7"
content-security-policy-report-only
default-src https: data: blob: android-webview-video-poster: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /csp-reports/;
content-type
image/svg+xml
cache-control
public, max-age=24432081
date
Wed, 31 Mar 2021 12:42:34 GMT
content-security-policy
frame-ancestors 'self' pulse.telegraph.co.uk;
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes, bytes
content-length
187
page
t.skimresources.com/api/v2/
22 B
88 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/
22 B
343 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
rep.gif
scomcluster.cxense.com/Repo/
43 B
468 B
Image
General
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kmxfvs8vrpg7hsg8&acc=0&sid=1140838973403052804&loc=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&gol=&pgn=&new=0&arf=0&ltm=1617194554499&ref=&tzo=-120&res=1600x1200&dpr=1&col=24&jav=0&bln=en-US&chs=UTF-8&cks=kmxfvsf3thvjeopw&ckp=kmxfvs98uyg5eow0&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.40&cp_testGroup=39&fls=0&flv=
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
de715.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:34 GMT
Server
Jetty(9.4.28.v20200408)
P3P
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
ibs:dpid=358&dpuuid=5604535459600584512
dpm.demdex.net/ Frame 370D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5604535459600584512
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5604535459600584512
Requested by
Host: www.telegraph.co.uk
URL: https://www.telegraph.co.uk/technology/0/ransomware-does-work/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-09b648171.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
hWc3CritQ9I=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:34 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.239:80
AN-X-Request-Uuid
c07e8e1b-ef9b-4a7f-be8f-c8a6f27caaeb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5604535459600584512
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
token
token.rubiconproject.com/ Frame 370D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=22164234260906839360468712829451087008&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=KMXFVS42-K-9UGY&redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D6404%26puid%3D%24%7BDD_UUID%7D%26rk%3DNoRedirect?gdpr=0
  • https://token.rubiconproject.com/token?pid=6404&puid=61650870140457631521046825960338994164&rk=NoRedirect
0
460 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=61650870140457631521046825960338994164&rk=NoRedirect
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
U5XXSP11QdU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://token.rubiconproject.com/token?pid=6404&puid=61650870140457631521046825960338994164&rk=NoRedirect
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEBTRz7SGkn4cpzEmJtaaZ0w&google_cver=1
dpm.demdex.net/ Frame 370D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjIxNjQyMzQyNjA5MDY4MzkzNjA0Njg3MTI4Mjk0NTEwODcwMDg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjIxNjQyMzQyNjA5MDY4MzkzNjA0Njg3MTI4Mjk0NTEwODcwMDg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBTRz7SGkn4cpzEmJtaaZ0w&google_cver=1?gdpr=0&gdpr_consent=
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBTRz7SGkn4cpzEmJtaaZ0w&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0014e76c8.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
pdo3EElHSAg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBTRz7SGkn4cpzEmJtaaZ0w&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
telegraph-app.quantummetric.com/
90 B
434 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194554778&z=1&S=0&N=0&P=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2b54fb24cbbc2a211e33d1ecf3752edac4ff07efe5bf4002e61c7fbb5ac264f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.telegraph.co.uk
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
sync
pixel.advertising.com/ups/28/ Frame 370D
Redirect Chain
  • https://pixel.advertising.com/ups/28/sync?uid=22164234260906839360468712829451087008&_origin=1&redir=true
  • https://pixel.advertising.com/ups/28/sync?uid=22164234260906839360468712829451087008&_origin=1&redir=true&verify=true
0
254 B
Image
General
Full URL
https://pixel.advertising.com/ups/28/sync?uid=22164234260906839360468712829451087008&_origin=1&redir=true&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/28/sync?uid=22164234260906839360468712829451087008&_origin=1&redir=true&verify=true
date
Wed, 31 Mar 2021 12:42:34 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
telegraph-app.quantummetric.com/
28 B
253 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?s=72306318add7a9f3dfa158dbb8fa6d8b&H=d276fa72c45e0a06f318454d&Q=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.telegraph.co.uk
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
telegraph-sync.quantummetric.com/
0
168 B
XHR
General
Full URL
https://telegraph-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194554782&z=1&Q=1&Y=1&X=ecfffd670b2947121efe583f242f4641
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.205.136.23 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
23.136.205.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
/
telegraph-app.quantummetric.com/
0
167 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194554964&H=d276fa72c45e0a06f318454d&s=72306318add7a9f3dfa158dbb8fa6d8b&U=ed88491e0586e33e1e1e97137d1df3c7&z=1&Q=2&S=0&N=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:34 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
ibs:dpid=23728&dpuuid=YGRuOn6R5xQAE17-bcl7dQAA%261168
dpm.demdex.net/ Frame 370D
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGRuOn6R5xQAE17-bcl7dQAA%261168
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGRuOn6R5xQAE17-bcl7dQAA%261168
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0c3aa1bf1.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
BqKFaNE0SIc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YGRuOn6R5xQAE17-bcl7dQAA%261168
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
264
Expires
Wed, 31 Mar 2021 12:42:35 GMT
/
telegraph-app.quantummetric.com/
0
167 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194555007&H=d276fa72c45e0a06f318454d&s=72306318add7a9f3dfa158dbb8fa6d8b&z=1&S=15656&N=11&P=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
rid
match.adsrvr.org/track/
109 B
547 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=188607&gdpr=0
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-90-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
86a2ccfbd1d3e55c7635b26466be0ef185335de1977e4655443345e093fd459d

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 31 Mar 2021 12:42:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 30 Apr 2021 12:42:35 GMT
ibs:dpid=72352&dpuuid=1565355192850792757&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 370D
Redirect Chain
  • https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://dpm.demdex.net/ibs:dpid=72352&dpuuid=1565355192850792757&gdpr=0&gdpr_consent=
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=1565355192850792757&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-066368f53.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
bRHFqlXHR0M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=1565355192850792757&gdpr=0&gdpr_consent=
date
Wed, 31 Mar 2021 12:42:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ibs:dpid=121998&dpuuid=caaf92ad6b199bbc03a15e19bc14059
dpm.demdex.net/ Frame 370D
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=22164234260906839360468712829451087008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=22164234260906839360468712829451087008?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=caaf92ad6b199bbc03a15e19bc14059
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=caaf92ad6b199bbc03a15e19bc14059
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.123.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-123-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v090-0a8ae587c.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
a9OHG1U2Qp0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:35 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=caaf92ad6b199bbc03a15e19bc14059
cache-control
no-cache
x-server
10.45.22.130
content-length
0
expires
0
headerstats
as-sec.casalemedia.com/
0
317 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=319259&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&v=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:35 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.telegraph.co.uk
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 31 Mar 2021 12:42:35 GMT
22164234260906839360468712829451087008
adobeaam.beemray.com/rest/aam/idsync/ Frame 370D
0
0
Image
General
Full URL
https://adobeaam.beemray.com/rest/aam/idsync/22164234260906839360468712829451087008
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.237.48.86 London, United Kingdom, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-48-86.uk-lon1.upcloud.host
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tmg.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
684dd30d.akstat.io/
0
205 B
Other
General
Full URL
https://684dd30d.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GHENT-R5DY7-KAG4V-6EY7K-3RGVU
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:35 GMT
content-type
image/gif
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:42:35 GMT
s04223348947503
smetrics.telegraph.co.uk/b/ss/tmgtmgescenicprod/10/JS-2.5.0-LBQ1/
3 B
170 B
XHR
General
Full URL
https://smetrics.telegraph.co.uk/b/ss/tmgtmgescenicprod/10/JS-2.5.0-LBQ1/s04223348947503
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Mar 2021 12:42:35 GMT
x-content-type-options
nosniff
x-c
main-1451.Ibee288.M0-486
p3p
CP="This is not a P3P policy"
vary
*
content-length
3
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 01 Apr 2021 12:42:35 GMT
server
jag
xserver
anedge-fd4497967-kvb2f
etag
3472898864030580736-4622045007822304336
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.telegraph.co.uk
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Tue, 30 Mar 2021 12:42:35 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/develop/telegraph-advertising/prebid/prebid4.29.0.appnexus.criteo.ix.openx.ozone.rubicon.teads.adomik.ga.consentManagementGDPR.PubComID.UserIDPubComID.unruly.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 01 Apr 2021 12:42:36 GMT
syncframe
gum.criteo.com/ Frame 6689
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.telegraph.co.uk&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.telegraph.co.uk&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.telegraph.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1518
date
Wed, 31 Mar 2021 12:42:36 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 01 Apr 2021 12:42:36 GMT
/
telegraph-app.quantummetric.com/
0
167 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194559779&H=d276fa72c45e0a06f318454d&s=72306318add7a9f3dfa158dbb8fa6d8b&z=1&S=16042&N=18&P=2
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:39 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
/
telegraph-app.quantummetric.com/
0
167 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194559823&H=d276fa72c45e0a06f318454d&s=72306318add7a9f3dfa158dbb8fa6d8b&z=1&Q=2&S=1601&N=1
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:39 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
__activity.gif
query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/
35 B
94 B
Image
General
Full URL
https://query.petametrics.com/v3/fb6cjraf9cejut2a/9067b434-1ec7-418c-c92a-c42e84a7335c/__activity.gif?e=stuck_10s&ct=What+is+WannaCry++and+how+does+ransomware+work%3F&ccu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&tspl=12037&ist=2031&iet=2042&bdst=1571&bdet=1714&bcttt=42&ts=1617194563479&jsk=fb6cjraf9cejut2a&jsv=20210217&cu=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&uid=9067b434-1ec7-418c-c92a-c42e84a7335c&sid=da1a5b4f-a375-4eb4-94e0-e04a119b3e5f&pvid=c9539b6f-8d65-465b-b1c5-199256eae64c&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F89.0.4389.72+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&tzo=-120&w=null&source=null&userStatus=anonymous&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Mar 2021 12:42:43 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
clear
content-length
35
content-type
image/gif
ixmatch.html
js-sec.indexww.com/um/ Frame F512
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/develop/telegraph-advertising/prebid/prebid4.29.0.appnexus.criteo.ix.openx.ozone.rubicon.teads.adomik.ga.consentManagementGDPR.PubComID.UserIDPubComID.unruly.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.telegraph.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Wed, 31 Mar 2021 12:42:44 GMT
Content-Length
1151
Connection
keep-alive
load-cookie.html
elb.the-ozone-project.com/static/ Frame 803A
11 KB
11 KB
Document
General
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&publisherId=OZONETMG0001&siteId=4204204210&cb=1617194554374&bidder=ozone
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/develop/telegraph-advertising/prebid/prebid4.29.0.appnexus.criteo.ix.openx.ozone.rubicon.teads.adomik.ga.consentManagementGDPR.PubComID.UserIDPubComID.unruly.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6acd6530f3307c1ca3acad63a88d4905891624f97837bd73b2afcd43e641025e

Request headers

:method
GET
:authority
elb.the-ozone-project.com
:scheme
https
:path
/static/load-cookie.html?gdpr=0&gdpr_consent=&publisherId=OZONETMG0001&siteId=4204204210&cb=1617194554374&bidder=ozone
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.telegraph.co.uk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

date
Wed, 31 Mar 2021 12:42:44 GMT
content-type
text/html; charset=utf-8
content-length
10867
accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Mon, 31 Aug 2020 17:19:11 GMT
pragma
no-cache
vary
Origin
usync.html
eus.rubiconproject.com/ Frame 5681
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.telegraph.co.uk
URL: https://static.telegraph.co.uk/develop/telegraph-advertising/prebid/prebid4.29.0.appnexus.criteo.ix.openx.ozone.rubicon.teads.adomik.ga.consentManagementGDPR.PubComID.UserIDPubComID.unruly.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.telegraph.co.uk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.telegraph.co.uk/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Mar 2021 12:42:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4077
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2825f7f6a5ef17c25ae45a8cea9b4f73eda59a9b5692bc213276c476affd07e5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YGRuRBc3iGY-MC2VehDywAAA; CMPS=3202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|195|190|156|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1746
Expires
Wed, 31 Mar 2021 12:42:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YGRuRBc3iGY-MC2VehDywAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 31 Mar 2022 12:42:44 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 29 Jun 2021 12:42:44 GMT CMPRO=1157;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 29 Jun 2021 12:42:44 GMT CMRUM3=c460646e4405a0&9c60646e4405a00&c360646e4405a00&e660646e4427600&f160646e4405a00&2d60646e4405a0&be60646e4405a0&2760646e440b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 31 Mar 2022 12:42:44 GMT CMST=YGRuRGBkbkQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Apr 2021 12:42:44 GMT

Redirect headers

Server
Apache
Content-Length
380
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 31 Mar 2021 12:42:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YGRuRBc3iGY-MC2VehDywAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 31 Mar 2022 12:42:44 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 29 Jun 2021 12:42:44 GMT
cookie_sync
elb.the-ozone-project.com/ Frame 803A
3 KB
4 KB
XHR
General
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&publisherId=OZONETMG0001&siteId=4204204210&cb=1617194554374&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
461f9e095a1c22e1e4f3d0ce0eef80c88bd0500144a61bf63dbc55a1b2a6a25d

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&publisherId=OZONETMG0001&siteId=4204204210&cb=1617194554374&bidder=ozone
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=1c385eab2210fb8276b2d8f6
0
379 B
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=1c385eab2210fb8276b2d8f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
nginx
Location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=1c385eab2210fb8276b2d8f6
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 5681
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f560ef51d47e36158a7122135ebb881eda3ea0fc010728c0451a61efa6c2d51a

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Mar 2021 16:06:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74500
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9491
Expires
Thu, 01 Apr 2021 09:24:24 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5681
284 B
933 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
crum
dsum-sec.casalemedia.com/ Frame 4077
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YGRuRBc3iGY-MC2VehDywAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvlqEfs85C82rtmFPzmbn0&google_cver=1
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvlqEfs85C82rtmFPzmbn0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 31 Mar 2021 12:42:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJvlqEfs85C82rtmFPzmbn0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4077
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDKJpX0_HJnUsrMPLAlFFIk&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDKJpX0_HJnUsrMPLAlFFIk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 31 Mar 2021 12:42:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDKJpX0_HJnUsrMPLAlFFIk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4077
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB&dcc=t
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YGRuRBc3iGY_MC2VehDywAAABIUAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4077
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YGRuRBc3iGY-MC2VehDywAAA&cm_dsp_id=39
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-90-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4077
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3f5a0fa-0380-425f-88dc-c05fb9225064
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3f5a0fa-0380-425f-88dc-c05fb9225064
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 31 Mar 2021 12:42:44 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3f5a0fa-0380-425f-88dc-c05fb9225064
date
Wed, 31 Mar 2021 12:42:44 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum.casalemedia.com/ Frame 4077
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2852011108171826666
43 B
995 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2852011108171826666
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 31 Mar 2021 12:42:44 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid
79e96296-7f37-4aa6-af2b-16db07e12992
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2852011108171826666
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 4077
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:12 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
us.php
gu.dyntrk.com/adx/ie/ Frame 4077
0
215 B
Image
General
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.8.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3184584.ip-135-125-8.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4077
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YGRuRBc3iGY-MC2VehDywAAA%261157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.telegraph.co.uk/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:44 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2164
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 31 Mar 2021 13:18:48 GMT
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://elb.the-ozone-project.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=a4da1051-503d-4af6-9548-3135cefd236b
0
517 B
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=a4da1051-503d-4af6-9548-3135cefd236b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://elb.the-ozone-project.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=a4da1051-503d-4af6-9548-3135cefd236b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
bij3ksa6q9jmbu528936p2nbhji6kb94
tap.php
pixel.rubiconproject.com/ Frame 5681
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
MT3 3628 75f709e master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Mar 2021 12:42:43 GMT
709414.gif
id.rlcdn.com/ Frame 5681
0
66 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:44 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5681
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRlcwNkgtSS1FQjhL&gdpr=0
170 B
201 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRlcwNkgtSS1FQjhL&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRlcwNkgtSS1FQjhL&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5681
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQ4NzJhMDRkZjhkYTA2ZGY1NzZjM2FkYTE3NjhlY2U1YjQyOGY3Yw&gdpr=0
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQ4NzJhMDRkZjhkYTA2ZGY1NzZjM2FkYTE3NjhlY2U1YjQyOGY3Yw&gdpr=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQ4NzJhMDRkZjhkYTA2ZGY1NzZjM2FkYTE3NjhlY2U1YjQyOGY3Yw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5681
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP687LVRLnPlMbmEI5QtcuQ&google_cver=1
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP687LVRLnPlMbmEI5QtcuQ&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEP687LVRLnPlMbmEI5QtcuQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 5681
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFW06H-I-EB8K&sigv=1&esig=2~b92be36d6745863bb6f2c5daf52b78257edfffd4&gdpr=0
0
447 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFW06H-I-EB8K&sigv=1&esig=2~b92be36d6745863bb6f2c5daf52b78257edfffd4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:44 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFW06H-I-EB8K&sigv=1&esig=2~b92be36d6745863bb6f2c5daf52b78257edfffd4&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 5681
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-90-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5681
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iy2NuRXSjgVhyVuW2izd4Q?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003230086881234698
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003230086881234698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Wed, 31 Mar 2021 12:42:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003230086881234698
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
telegraph-app.quantummetric.com/
0
167 B
XHR
General
Full URL
https://telegraph-app.quantummetric.com/?T=B&u=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F0%2Fransomware-does-work%2F&t=1617194554725&v=1617194564780&H=d276fa72c45e0a06f318454d&s=72306318add7a9f3dfa158dbb8fa6d8b&z=1&S=23528&N=26&P=3
Requested by
Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-telegraph.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.76.9.209 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
209.9.76.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.telegraph.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.telegraph.co.uk
date
Wed, 31 Mar 2021 12:42:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YGRuRBc3iGY-MC2VehDywAAA%261157
0
658 B
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YGRuRBc3iGY-MC2VehDywAAA%261157
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=YGRuRBc3iGY-MC2VehDywAAA%261157
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
303
Expires
Wed, 31 Mar 2021 12:42:44 GMT
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212308078&bidder=neustar&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=neustar&gdpr=0&gdpr_consent=&uid=T4GVYPfMHYDQzjw09fEmC73%2BiwMSpPccPqmISYjX2i0%3D
0
806 B
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=neustar&gdpr=0&gdpr_consent=&uid=T4GVYPfMHYDQzjw09fEmC73%2BiwMSpPccPqmISYjX2i0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://elb.the-ozone-project.com/setuid?bidder=neustar&gdpr=0&gdpr_consent=&uid=T4GVYPfMHYDQzjw09fEmC73%2BiwMSpPccPqmISYjX2i0%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=KMXFW06H-I-EB8K&gdpr=0
0
925 B
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=KMXFW06H-I-EB8K&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=KMXFW06H-I-EB8K&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=ea3cb368-48c7-47b5-bbdc-c99d617f3b15
0
1 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=ea3cb368-48c7-47b5-bbdc-c99d617f3b15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=ea3cb368-48c7-47b5-bbdc-c99d617f3b15
date
Wed, 31 Mar 2021 12:42:45 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAItuk7AyN0AACmVv3NmFg
0
1 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAItuk7AyN0AACmVv3NmFg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAItuk7AyN0AACmVv3NmFg
Date
Wed, 31 Mar 2021 12:42:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2852011108171826666
0
1 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2852011108171826666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:45 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid
7c656faa-38be-4eb1-83a0-e89aeb038e98
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=2852011108171826666
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
101995
dmx.districtm.io/s/v1/img/s/ Frame 803A
0
409 B
Image
General
Full URL
https://dmx.districtm.io/s/v1/img/s/101995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6389a8d4ccc32325-ZRH
access-control-allow-headers
Content-Type, Origin
cf-request-id
0929e7d8fb00002325a6869000000001
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy={{us_privacy}}&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=10707309288337980120
0
1 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=10707309288337980120
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=10707309288337980120
date
Wed, 31 Mar 2021 12:42:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F20A
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&publisherId=OZONETMG0001&siteId=4204204210&cb=1617194554374&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://elb.the-ozone-project.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://elb.the-ozone-project.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=89092
Expires
Thu, 01 Apr 2021 13:27:38 GMT
Date
Wed, 31 Mar 2021 12:42:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3630
37 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=85377
Expires
Thu, 01 Apr 2021 12:25:43 GMT
Date
Wed, 31 Mar 2021 12:42:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3630
3 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19091292&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3634f2b80c4d2696639cce21d8c34b8b76299f3c273baa86c1c74c043baf494d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 497D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2628316156748137509
42 B
769 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2628316156748137509
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19091292&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=2:2; KADUSERCOOKIE=E2C7C044-3D2C-4CF0-AD94-053E4F260C30; chkChromeAb67Sec=1; DPSync3=1618358400%3A227_226_221_201; SyncRTB3=1618358400%3A161_7_3_71_220_21_13_54_56%7C1618444800%3A35; KRTBCOOKIE_57=22776-2852011108171826666; PugT=1617194565; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEE2Zvy_xPtszlFrHXKisNSg&KRTB&22987-CAESEE2Zvy_xPtszlFrHXKisNSg&KRTB&23025-CAESEE2Zvy_xPtszlFrHXKisNSg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:42:45 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-2628316156748137509; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:42:45 GMT; path=/ PugT=1617194565; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:42:45 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 12:42:45 GMT; path=/
X-lat
amspug003:0:416
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2628316156748137509
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 600F
43 B
284 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19091292&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 31 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1092
date
Wed, 31 Mar 2021 12:42:45 GMT
content-length
43
setuid
elb.the-ozone-project.com/ Frame 79FC
0
2 KB
Document
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
elb.the-ozone-project.com
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ozone_uid=1qWTtvMiYDeB2beeTffSmF0JKtl; uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyODUyMDExMTA4MTcxODI2NjY2IiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDUuNzk5NDM3NzZaIiwic291cmNlIjoiY29va2llIiwiZmlsZW5hbWUiOiIifSwiYmVlc3dheCI6eyJ1aWQiOiJBQUl0dWs3QXlOMEFBQ21WdjNObUZnIiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDUuNzEzMDIxNzE5WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImVhM2NiMzY4LTQ4YzctNDdiNS1iYmRjLWM5OWQ2MTdmM2IxNSIsImV4cGlyZXMiOiIyMDIxLTA0LTE0VDEyOjQyOjQ1LjQyMzQxOTU3OVoiLCJzb3VyY2UiOiJjb29raWUiLCJmaWxlbmFtZSI6IiJ9LCJpeCI6eyJ1aWQiOiJZR1J1UkJjM2lHWS1NQzJWZWhEeXdBQUFcdTAwMjYxMTU3IiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDQuOTM5NDg5OTM2WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sIm5ldXN0YXIiOnsidWlkIjoiVDRHVllQZk1IWURRemp3MDlmRW1DNzMraXdNU3BQY2NQcW1JU1lqWDJpMD0iLCJleHBpcmVzIjoiMjAyMS0wNC0xNFQxMjo0Mjo0NS4xNjA0ODg2NzVaIiwic291cmNlIjoiY29va2llIiwiZmlsZW5hbWUiOiIifSwib3BlbngiOnsidWlkIjoiYTRkYTEwNTEtNTAzZC00YWY2LTk1NDgtMzEzNWNlZmQyMzZiIiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDQuODUxMDI4OTI2WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sInJ1Ymljb24iOnsidWlkIjoiS01YRlcwNkgtSS1FQjhLIiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDUuMjQ3MzEyMDg4WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sInNvdnJuIjp7InVpZCI6IjFjMzg1ZWFiMjIxMGZiODI3NmIyZDhmNiIsImV4cGlyZXMiOiIyMDIxLTA0LTE0VDEyOjQyOjQ0LjY1NDE2NzMwOVoiLCJzb3VyY2UiOiJjb29raWUiLCJmaWxlbmFtZSI6IiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjEwNzA3MzA5Mjg4MzM3OTgwMTIwIiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDUuOTgzODA1MzFaIiwic291cmNlIjoiY29va2llIiwiZmlsZW5hbWUiOiIifX0sImJkYXkiOiIyMDIxLTAzLTMxVDEyOjQyOjQ0LjY1NDE2MzgwNloifQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 31 Mar 2021 12:42:46 GMT
content-length
0
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
set-cookie
uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIyODUyMDExMTA4MTcxODI2NjY2IiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDUuNzk5NDM3NzZaIiwic291cmNlIjoiY29va2llIiwiZmlsZW5hbWUiOiIifSwiYmVlc3dheCI6eyJ1aWQiOiJBQUl0dWs3QXlOMEFBQ21WdjNObUZnIiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDUuNzEzMDIxNzE5WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImVhM2NiMzY4LTQ4YzctNDdiNS1iYmRjLWM5OWQ2MTdmM2IxNSIsImV4cGlyZXMiOiIyMDIxLTA0LTE0VDEyOjQyOjQ1LjQyMzQxOTU3OVoiLCJzb3VyY2UiOiJjb29raWUiLCJmaWxlbmFtZSI6IiJ9LCJpeCI6eyJ1aWQiOiJZR1J1UkJjM2lHWS1NQzJWZWhEeXdBQUFcdTAwMjYxMTU3IiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDQuOTM5NDg5OTM2WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sIm5ldXN0YXIiOnsidWlkIjoiVDRHVllQZk1IWURRemp3MDlmRW1DNzMraXdNU3BQY2NQcW1JU1lqWDJpMD0iLCJleHBpcmVzIjoiMjAyMS0wNC0xNFQxMjo0Mjo0NS4xNjA0ODg2NzVaIiwic291cmNlIjoiY29va2llIiwiZmlsZW5hbWUiOiIifSwib3BlbngiOnsidWlkIjoiYTRkYTEwNTEtNTAzZC00YWY2LTk1NDgtMzEzNWNlZmQyMzZiIiwiZXhwaXJlcyI6IjIwMjEtMDQtMTRUMTI6NDI6NDQuODUxMDI4OTI2WiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn0sInB1Ym1hdGljIjp7InVpZCI6IkUyQzdDMDQ0LTNEMkMtNENGMC1BRDk0LTA1M0U0RjI2MEMzMCIsImV4cGlyZXMiOiIyMDIxLTA0LTE0VDEyOjQyOjQ2LjM3NDQzMzI2OFoiLCJzb3VyY2UiOiJjb29raWUiLCJmaWxlbmFtZSI6IiJ9LCJydWJpY29uIjp7InVpZCI6IktNWEZXMDZILUktRUI4SyIsImV4cGlyZXMiOiIyMDIxLTA0LTE0VDEyOjQyOjQ1LjI0NzMxMjA4OFoiLCJzb3VyY2UiOiJjb29raWUiLCJmaWxlbmFtZSI6IiJ9LCJzb3ZybiI6eyJ1aWQiOiIxYzM4NWVhYjIyMTBmYjgyNzZiMmQ4ZjYiLCJleHBpcmVzIjoiMjAyMS0wNC0xNFQxMjo0Mjo0NC42NTQxNjczMDlaIiwic291cmNlIjoiY29va2llIiwiZmlsZW5hbWUiOiIifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIxMDcwNzMwOTI4ODMzNzk4MDEyMCIsImV4cGlyZXMiOiIyMDIxLTA0LTE0VDEyOjQyOjQ1Ljk4MzgwNTMxWiIsInNvdXJjZSI6ImNvb2tpZSIsImZpbGVuYW1lIjoiIn19LCJiZGF5IjoiMjAyMS0wMy0zMVQxMjo0Mjo0NC42NTQxNjM4MDZaIn0=; Domain=the-ozone-project.com; Expires=Tue, 29 Jun 2021 12:42:46 GMT; Secure; SameSite=None
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3630
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4sfARD0sTPCtlAU-TyYMMA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=89092
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 01 Apr 2021 13:27:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3630
95 B
594 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6389a8d7cfdd4e86-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0929e7dadd00004e86ea0dc000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 3630
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:44 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&addseg=31
7 B
147 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 31 Mar 2021 12:42:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E2C7C044-3D2C-4CF0-AD94-053E4F260C30&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTJDN0MwNDQtM0QyQy00Q0YwLUFEOTQtMDUzRTRGMjYwQzMw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:45 GMT
X-lat
amspug002:0:342
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2Zvy_xPtszlFrHXKisNSg&google_cver=1
42 B
855 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2Zvy_xPtszlFrHXKisNSg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:45 GMT
X-lat
amspug019:0:408
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE2Zvy_xPtszlFrHXKisNSg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3630
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 30 Mar 2021 12:42:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ff5c70b-0b67-4c78-b170-06333c1fcf4a
42 B
882 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ff5c70b-0b67-4c78-b170-06333c1fcf4a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
X-lat
lhrpug011:0:499
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7ff5c70b-0b67-4c78-b170-06333c1fcf4a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6162048902477780439
42 B
801 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6162048902477780439
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
X-lat
lhrpug009:0:493
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6162048902477780439
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
42 B
946 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
X-lat
lhrpug013:0:417
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 31 Mar 2021 12:42:46 GMT
Server
MT3 3628 75f709e master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:667a6064-6e44-4a00-9dae-b401492c5549&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Mar 2021 12:42:45 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3630
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2852011108171826666&gdpr=0&gdpr_consent=
42 B
769 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2852011108171826666&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:42:45 GMT
X-lat
amspug009:0:410
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:42:46 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.146:80
AN-X-Request-Uuid
57aca6e1-fbf5-434a-9b6c-9e01a673c742
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2852011108171826666&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
E2C7C044-3D2C-4CF0-AD94-053E4F260C30
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3630
43 B
203 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E2C7C044-3D2C-4CF0-AD94-053E4F260C30?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:42:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us_priva...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy={{us...
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=810cd468-03df-4939-8ba5-c6859b1f8fc7
0
2 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=810cd468-03df-4939-8ba5-c6859b1f8fc7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=810cd468-03df-4939-8ba5-c6859b1f8fc7
date
Wed, 31 Mar 2021 12:42:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%...
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}}&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=f755e1c0-c56c-40ac-ad4c-0d8685ad0674
0
2 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=f755e1c0-c56c-40ac-ad4c-0d8685ad0674
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=f755e1c0-c56c-40ac-ad4c-0d8685ad0674
date
Wed, 31 Mar 2021 12:42:46 GMT
p3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
151
content-type
text/html; charset=utf-8
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=446cad52-7e49-49c6-8195-43a10ca58039
0
2 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=446cad52-7e49-49c6-8195-43a10ca58039
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=446cad52-7e49-49c6-8195-43a10ca58039
date
Wed, 31 Mar 2021 12:42:47 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame 803A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6162048902477780439
0
2 KB
Image
General
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6162048902477780439
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.245.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-245-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:42:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=6162048902477780439
date
Wed, 31 Mar 2021 12:42:47 GMT
server
nginx
content-length
0
content-type
text/plain

Verdicts & Comments Add Verdict or Comment

311 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| pagespeed string| tmgFacebookAppId object| tmg object| tmg.build object| RUM object| clientlibs function| _typeof function| print_uk_day object| cssua function| yepnope object| Modernizr object| html5 function| lzld function| Cookies function| __cmp string| mapApiPath object| dataLayer object| pageData object| tmgAds string| scriptUrl object| YT object| YTConfig function| onYTReady string| BOOMR_API_key object| BOOMR number| BOOMR_lstart function| initialise object| particles boolean| particle-eip-telegraph-co-uk-script-loaded object| BOOMR_mq object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| __twttrll object| twttr object| __twttr function| fbq function| _fbq function| tmgAdsGetURLParamValue function| onPlayerStateChange object| tmgCMP function| __tcfapi object| _sp_ object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| martech object| d string| dformat string| consentCookie object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| tmgFunctions object| sVisValue string| visType object| authorImage function| getMetaTag function| tmgAdsInit function| tmgAdsPrebidReturnAdUnits function| tmgAdsPerf function| tmgAdsGetObj function| tmgAdsInitConfig function| tmgAdsInitData function| tmgAdsInitDFP function| tmgAdsInitEventHandlers function| tmgAdsActionEventHandler function| tmgAdsInitGeoAPIStatus function| tmgAdsGetSizeMatrix function| tmgAdsGetDFPData function| tmgAdsAdjustSizeMapping function| tmgAdsGetCMS function| tmgAdsGetAdobe function| tmgAdsGetGoogleData function| tmgAdsGetTMGUserData function| tmgAdsGetGPTSetup function| tmgAdsUpdateDFPCustomVars function| tmgAdsLog function| tmgAdsGetObjSize function| tmgAdsGetGeoAPI function| tmgAdsGetMetaTag function| tmgAdsGetPageData function| tmgAdsGetURLParam function| tmgAdsGetTMGCookies function| tmgAdsLoad function| tmgAdsGetBrowserData function| tmgAdsGetCookie function| tmgAdsSetCookie function| tmgAdsTimer function| tmgAdsCsvToObj function| tmgAdsBuildAd function| tmgAdsBuildAdTag function| tmgAdsUpdateHeaderBidderData function| tmgAdsGetUniqueArray function| tmgAdsRefreshAd function| tmgAdsCountdown function| tmgAdsScheduleRefreshableAds function| tmgAdsSetAdSlotToRefresh function| tmgAdsOnPageLoad function| tmgAdsEvent function| tmgAdsInitDeliveryModel function| tmgAdsInitHeaderBidders function| tmgAdsThrottle function| tmgAdsElementIsInView function| tmgAdsElementInView function| createAdvert function| tmgAdsGetTitleForInjected function| traverse function| tmgAdsNativeInject function| tmgAdsInjectList function| tmgSetAdvertPositions function| tmgAdsInjectAdvert function| tmgAdsCreateItem function| tmgAdsCreateNativeSlots function| tmgAdsCreate function| tmgAdsObjSz function| tmgAdsInit3rdParties function| tmgAdsUUID function| tmgAdsCreateDynamicAds function| tmgAdsGetYouTubeConfig function| tmgAdsFormatAds function| tmgAdsAddAdTitles function| tmgAdsRemoveElement function| tmgAdsGetAllAdSlots function| tmgadsGetPageData function| tmgAdsApplyAdLite object| googletag string| $igniter_var function| liftigniter object| tp object| core object| firebase function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq object| s function| DIL number| s_objectID number| s_giq object| tmgrefresh object| pbjs number| PREBID_TIMEOUT undefined| consoleError undefined| qmErrString function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| qmflate object| comscoreOptions object| _comscore object| skimlinks_settings string| GoogleAnalyticsObject function| ga object| chartbeatStart object| _sf_async_config object| metaAuthor string| metaAuthorContent object| metaSegment string| metaSegmentContent object| metaArticleId string| articleId object| metaPageType string| pageType object| metaChannel string| channel object| allowedChannelsList boolean| isOnAllowedChannels function| getUserStatus function| getAdobeVisitorID object| _cbq object| chartbeatEnd object| _cbv number| _sf_endpt function| getAdData function| checkStatus object| dm object| _functions object| webpackChunkli_browser_client object| liftIgniterPageKeywords string| geoLocation function| generateTransactionID object| _ictt string| qID string| tags string| author string| aTag string| premiumContent string| prevPage string| currURL string| fbValue function| buildAnalyticsString function| generateEventbTransactionID string| paywallDisplayed string| regwallDisplayed function| generateExpediaTransactionID object| s_i_tmgtmgescenicprod function| _createClass function| _classCallCheck function| $ function| jQuery object| jQuery110200851705687192128 function| Hammer boolean| mCustomScrollbar function| Waypoint function| _ function| tmgJQ function| Modal function| boxCycle function| dropDown object| galleries function| dropDownSort function| dropDownFilter object| TMG_COMPONENT_TRACKING function| pbjsChunk object| _pbjsGlobals string| key object| Criteo object| ggeac object| google_js_reporting_queue number| pnInitPerformance function| ___tp object| localCookieStorage object| sessionCookieStorage object| headertag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webVitals object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies function| udm_ object| ns_p object| COMSCORE function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI number| BOOMR_configt boolean| DotMetricsInitScript string| gs_channels object| permutive string| __tpVersion object| jQuery112403348124932416443 object| SWG function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cX function| cxCCE_callQueueExecute object| cxTest object| PianoESPConfig function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| cXNative number| BOOMR_onload string| a object| b undefined| firstDLE undefined| firstDLEMYT undefined| currDLE undefined| currDLEMYT object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106

23 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 61650870140457631521046825960338994164
.telegraph.co.uk/ Name: qmexp
Value: 1617196354764
.telegraph.co.uk/ Name: __pvi
Value: %7B%22id%22%3A%22v-kmxfvs8xhx296f8q%22%2C%22domain%22%3A%22.telegraph.co.uk%22%2C%22time%22%3A1617194554467%7D
.telegraph.co.uk/ Name: __pat
Value: 3600000
.telegraph.co.uk/ Name: __tbc
Value: %7Bjzx%7DyyTSIMKPhCnqKk7KbN_WL59EA64_TMjfIC58tTAhGxuzGZmkSEjYBQLIuo1OHlhy-gSSTwTf76Jre6UHIm5PpQ
.telegraph.co.uk/ Name: AMCV_2C7336C753C676BA0A490D4B%40AdobeOrg
Value: -432600572%7CMCIDTS%7C18718%7CMCMID%7C22189525394895984890470677963254177433%7CMCAAMLH-1617799354%7C6%7CMCAAMB-1617799354%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1617201754s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18725%7CMCCIDH%7C0%7CvVersion%7C4.5.2
.telegraph.co.uk/ Name: AMCVS_2C7336C753C676BA0A490D4B%40AdobeOrg
Value: 1
.telegraph.co.uk/ Name: cX_S
Value: kmxfvsf3thvjeopw
www.telegraph.co.uk/ Name: _cb_svref
Value: null
.telegraph.co.uk/ Name: s_vis_repeat
Value: 1617194553673-New
www.telegraph.co.uk/ Name: _chartbeat2
Value: .1617194554160.1617194554160.1.BQMA4L3n-yVBQlF41DnlHL5BzCPk0.1
www.telegraph.co.uk/ Name: _cb_ls
Value: 1
.telegraph.co.uk/ Name: _gid
Value: GA1.3.1678097665.1617194554
.demdex.net/ Name: dextp
Value: 3-1-1617194554431|358-1-1617194554532|481-1-1617194554635|771-1-1617194554784
.telegraph.co.uk/ Name: _ga
Value: GA1.3.38788039.1617194554
www.telegraph.co.uk/ Name: _cb
Value: DAmqLiuZ7nZDxrUVS
.telegraph.co.uk/ Name: s_cc
Value: true
.telegraph.co.uk/ Name: RT
Value: "z=1&dm=telegraph.co.uk&si=4b21fa77-a2aa-4cee-b806-db242d2d9af6&ss=kmxfvq1d&sl=1&tt=2ih&bcn=%2F%2F684dd30d.akstat.io%2F&ld=2io"
.telegraph.co.uk/ Name: _gat
Value: 1
.telegraph.co.uk/ Name: mbox
Value: PC#49e296d8b3b84557879d076734c3b2d2.37_0#1680439354|session#49e296d8b3b84557879d076734c3b2d2#1617196414
.telegraph.co.uk/ Name: xbc
Value: %7Bjzx%7DLKYJiJ6gZgrqNk7etemNGnUigN1P1Ar_G5UJ_NaK3Y92HIfFgVt96zYDzfpmeq7xyoZ5pVJysFw_tTbNG6ejEuQtt01WGp79X2ZY3YnUp4XMeaxibNg3kLoljY5tzPz2HBlmw2mZ1OIlPAh9-EUuwg-j_GZRJJ8J3M9Pve39r53fzRYCit2WcMkvqk4ri5typYmggVTvbMvkoNjrSiCGGjSdi5wBc00U7khfeRa3nU-WEVCP_jlitLnz7ZknLK6rpc9pwxhEaVzQbSMozlyqb7Z7LgaxEpE2XXFPZ8OVyzIyQhb9Nk4Hx0Fo7lzrY1fc
www.telegraph.co.uk/ Name: _topp
Value: 1617194553650
.telegraph.co.uk/ Name: artTags
Value: standard,nhs,cyber attacks,apps,phishing,internet security,bitcoin,cyber defence,registration wall content,technology,technology editor's choice,portal,block from video hub

32 Console Messages

Source Level URL
Text
console-api log URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js(Line 1)
Message:
ADTECH[tmg-cmp]: onPlayerStateChange not defined -> creating onPlayerStateChange()
console-api warning URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("_evidon_consent_cookie").
console-api warning URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("euconsent").
console-api log (Line 2)
Message:
new polling event
console-api log (Line 2)
Message:
visitor change check here 23423 4234234234
console-api log URL: https://assets.adobedtm.com/bb77750356fd/42bfe6bcc850/fa173aab8e79/EX2e89287668b94241b423719cf47c4220-libraryCode_source.min.js(Line 2)
Message:
Error, missing Report Suite ID in AppMeasurement initialization
console-api log URL: https://secure.telegraph.co.uk/customer/lib/tmgrefresh@v1.0.0/tmgrefresh.js(Line 2)
Message:
No tmg_refresh
console-api log URL: https://secure.telegraph.co.uk/customer/lib/tmgrefresh@v1.0.0/tmgrefresh.js(Line 2)
Message:
No tmg_refresh
console-api log URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js(Line 1)
Message:
ADTECH: newads2020_desktop_article_sticky_ban - Anon User - Turning on Sticky banners for anonymous users - requires turning on banner slot
console-api log URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log (Line 2)
Message:
LAUNCH: YouTube AdBlock check disabled (v2.0)
console-api log (Line 2)
Message:
LAUNCH:ANALYTICS: Ipsos Iris -> ipsoskeyword= https://uk-script.dotmetrics.net/door.js?d=www.telegraph.co.uk&t=technology&t=technology
console-api log (Line 2)
Message:
ADTECH: fixing hotfix_remove_tablet_mpu_container
console-api log URL: https://cdn.petametrics.com/fb6cjraf9cejut2a.js(Line 2)
Message:
LI: [showLiveWarnings]: [2029ms]: userId (uid) is not defined. Request for recommendations will not yield personalized recommendations. This could be because you are using addEarlyExtension() instead of addExtension(), or running $p("fetch") before $p("init")
console-api log URL: https://cdn.petametrics.com/fb6cjraf9cejut2a.js(Line 2)
Message:
LI: [showLiveWarnings]: [2030ms]: LiftIgniter send called before LiftIgniter init. The most typical reasons: (a) you omitted the call to init, (b) you are including our JavaScript snippet twice (this could be twice on the page, or once on the page and once in Google Tag Manager, or twice in Google Tag Manager). If you have more questions, please contact liftignitersupport@maven.io
console-api log URL: https://cdn.petametrics.com/fb6cjraf9cejut2a.js(Line 2)
Message:
LI: [showLiveWarnings]: [2030ms]: LiftIgniter send called before LiftIgniter init. The most typical reasons: (a) you omitted the call to init, (b) you are including our JavaScript snippet twice (this could be twice on the page, or once on the page and once in Google Tag Manager, or twice in Google Tag Manager). If you have more questions, please contact liftignitersupport@maven.io
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 3)
Message:
adobe analytics: express checkout update 56
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 10)
Message:
Adobe Launch Loaded: facebook check 1
console-api warning URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 15)
Message:
🚀 _satellite.readCookie is deprecated. Please use _satellite.cookie.get("_topp").
console-api warning URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 15)
Message:
🚀 _satellite.setCookie is deprecated. Please use _satellite.cookie.set("_topp", "1617194553650", { expires: 0.020833 }).
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 10)
Message:
facebook news check begins
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 10)
Message:
end of facebook news check
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 11)
Message:
new offerID code2222
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 12)
Message:
visitor change check here
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 13)
Message:
Adobe: set up piano listener1
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 3)
Message:
just to check the dataLayer: undefined
console-api error URL: https://s.go-mpulse.net/boomerang/GHENT-R5DY7-KAG4V-6EY7K-3RGVU(Line 10)
Message:
TypeError: Cannot read property 'consents' of undefined at https://uk-script.dotmetrics.net/door.js?d=www.telegraph.co.uk&t=technology:44:46 at t.addEventListener [as callback] (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:152341) at t.e.invokeCallback (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:36734) at t.respond (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:36127) at t.respond (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:125590) at t.e (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:36599) at t [as constructor] (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:36022) at new t (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:125394) at e.apiCall (https://static.telegraph.co.uk/telegraph-advertising/tmg-cmp.min.js:1:63042) at checkTCF (https://uk-script.dotmetrics.net/door.js?d=www.telegraph.co.uk&t=technology:32:17)
console-api log URL: https://static.telegraph.co.uk/telegraph-advertising/tmg-gpt.min.js(Line 1)
Message:
ADTECH: tmgAdsLoad - permutive -> onerror() [object Event]
console-api error URL: https://s.go-mpulse.net/boomerang/GHENT-R5DY7-KAG4V-6EY7K-3RGVU(Line 10)
Message:
Exception in queued GPT command TypeError: Cannot read property 'log' of undefined
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 13)
Message:
BEFORE PREMIUM CHECK PAYWALL
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 13)
Message:
adobe: paywall loaded77777
console-api log URL: https://assets.adobedtm.com/71dcbb11123ce6b2e1ce4d47fd79a130aad3fc95/satelliteLib-177113f60f763788009998023cd15615fe2168a2.js(Line 13)
Message:
after the dataLayercheck

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' pulse.telegraph.co.uk;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd30d.akstat.io
a.teads.tv
aa.agkn.com
ad2.360yield.com
adobeaam.beemray.com
ads.avct.cloud
ads.pubmatic.com
ads.yahoo.com
amplifypixel.outbrain.com
analytics.barnebys.sh
ap.lijit.com
as-sec.casalemedia.com
assets.adobedtm.com
aud.pubmatic.com
barnebys.imgix.net
bidder.criteo.com
bttrack.com
buy.tinypass.com
c.go-mpulse.net
c1.adform.net
cdn.cxense.com
cdn.permutive.com
cdn.petametrics.com
cdn.polyfill.io
cdn.quantummetric.com
cdn.tinypass.com
cf-particle-html.eip.telegraph.co.uk
cf.eip.telegraph.co.uk
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d5p.de17a.com
dis.criteo.com
dmpsync.3lift.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
elb.the-ozone-project.com
eus.rubiconproject.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gu.dyntrk.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
images.barnebys.com
img.youtube.com
js-sec.indexww.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
nep.advangelists.com
p.skimresources.com
ping.chartbeat.net
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
query.petametrics.com
r.skimresources.com
rtb.openx.net
s.amazon-adsystem.com
s.go-mpulse.net
s.skimresources.com
sb.scorecardresearch.com
scomcluster.cxense.com
secure.telegraph.co.uk
securepubads.g.doubleclick.net
simage2.pubmatic.com
smetrics.telegraph.co.uk
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.chartbeat.com
static.criteo.net
static.telegraph.co.uk
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
t.skimresources.com
targeting.unrulymedia.com
tcf2.telegraph.co.uk
telegraph-app.quantummetric.com
telegraph-d.openx.net
telegraph-sync.quantummetric.com
telegraph.grapeshot.co.uk
telegraphmediagroupl.tt.omtrdc.net
tmg.demdex.net
token.rubiconproject.com
uipglob.semasio.net
uk-script.dotmetrics.net
um.simpli.fi
visitor.fiftyt.com
widgethost.barnebys.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.telegraph.co.uk
www.youtube.com
x.bidswitch.net
104.16.68.69
104.19.150.54
104.244.42.200
13.226.159.111
13.226.159.114
13.226.159.26
13.226.159.42
135.125.8.70
142.250.185.98
142.250.186.130
146.88.138.85
148.64.56.69
15.237.136.106
151.139.128.11
159.253.128.183
178.250.0.163
178.250.2.131
178.63.12.147
18.132.239.61
18.185.199.226
18.195.73.36
18.198.69.109
184.25.115.49
184.30.21.51
185.29.132.68
185.64.189.110
185.64.189.249
185.64.190.78
185.64.190.80
192.132.33.46
2001:4de0:ac18::1:a:3b
213.155.156.167
213.19.147.210
213.19.162.31
216.52.2.30
23.218.208.200
23.218.208.246
23.37.38.181
23.37.42.132
23.79.129.80
23.79.136.18
2600:9000:2182:cc00:18:1fcd:34e:d2a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1957
2606:4700:10::6816:35fc
2606:4700::6811:b7b1
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:28a::1e80
2a02:26f0:6c00:298::268b
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:1b::720
2a04:4e42:3::621
3.124.88.100
3.222.213.29
34.196.186.87
34.245.253.34
34.252.166.160
34.76.9.209
34.98.64.218
35.156.153.71
35.186.253.211
35.190.14.224
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.126
35.205.136.23
35.244.174.68
37.157.2.237
37.157.6.253
37.252.172.36
52.17.245.189
52.18.90.176
52.28.38.50
52.46.130.13
52.49.202.212
54.154.123.210
54.171.42.33
54.194.211.3
64.202.112.127
69.173.144.138
76.76.21.21
77.243.60.138
94.237.48.86
99.86.3.55
00d8f5e9fb27f1e04e0e321c420fbe85687edfd857a54447513fed1acadb2176
023aa4acbd9a548a89cb046b761602d76f4693eda10b6e920641cdb34d4c18ac
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0dffeab9f30efef3e8a96b969debdba7ece0711f06dca379b026d96ab91ebfc2
10304d659266c950907f4123b29713413bbd39c7b426b8f4a5ba670788507afe
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
138a17bef350ce8a800df13053eb5b086d93de8c92c840201831a12f5c429d40
1806408f86d0e3e8dac0f72f438215f2b8f55082c441cbd7552947f606fa154c
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ad3690bd4a33905a9d80a5983576410ce780d838e3821a6bf59e48456633ec8
1fa3398ed6e4cacad4c1d2b18f27048b2492361696b08af8e507b3f1f46698f0
1fd189ec6dc0ed088b4e2c20ab90bf76534c5b9a6ff56f729ff6061b424e9c32
20565db371e6022b32a6f209d5e354d6a3c55d84ecbe6046f20bb6e317dbcf4a
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23d4b414f87aa8523c3e11439c3f4802c38e205d26ba3979d7ada3f1697f447e
2533beb82f10239c1c8d7cc216c3e74d585437daa1e292bdd270a7159faca18a
25b46e6675fce0a05037da73456092d84267f6e9fa25810c23e6aa0b46b063ce
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
2793bc590638ebcfc29d1e41dc0c1c09e30649e4a6fe46b31543d978528b54d2
2825f7f6a5ef17c25ae45a8cea9b4f73eda59a9b5692bc213276c476affd07e5
2938a44e1916a003023a965c0fedffbabdeea2e9a9e9168749cc9def0f823384
2b54fb24cbbc2a211e33d1ecf3752edac4ff07efe5bf4002e61c7fbb5ac264f4
2c741ad9acb43d105e62f879f96b2d4ba638cc61e2a95a054ba986a09bcfdd71
2debc3cae65362e3d68d12d5d55a318ee294bf0c6564a5473e796a591fd03f10
2e4df52e6b09d2b0b59c6337be0d69b3dd8c568db48a2ce410f54c080930301e
315a8f8efe8f4d854f764b59fd59603dc986e90322e306ddff5c14fb1a24dd2f
317b349e3e6b74ab027fb02d3bd13e529c65d9ddfdb5e7d4125ccd5c49ca41f2
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3453ceb94ab0d67436a4eb37d02fcf264c8c6c16f4c199e4e35628b04f3a5fa4
3634f2b80c4d2696639cce21d8c34b8b76299f3c273baa86c1c74c043baf494d
3e3b1181b7ac6ab5fcdec22a9a00266bf8069392d7094f55bc642156236ed89a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f8807ffe646fe020798a08b93e765edfe6c8cedfe53d2efa7dcb1745aeb29df
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
420977f3b586d18b52cdc99f85298b4bbe34de610c5d55304c9570c2b64bc414
431e194a9add9d9cf59118af08cbbb3aa8f951e854dfef995b134f95ef1f94e8
44785a95b46b4fd582c81b0acddac2d145843f7df929a389cb3711dd90c8534f
457895a9c9031a672f10398bbb48d1d6f8c6a1b385b89a1c01f5fc4d120933a7
461f9e095a1c22e1e4f3d0ce0eef80c88bd0500144a61bf63dbc55a1b2a6a25d
4803966bd46a87f72fd91bc4c364dafd440c3bbd10aa39f08c4062923a4776bb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
497379f191fc1c99b86b108e2cd67ce1bda71b964b4ec1e7dc9f4945c5cc43c5
49a4c5845adc93d7a2ce1895fc5fe5135c9d8cbee1964d13cd883686f23ccdbf
4a1828ca7ad26c8004150f7b2a632fb0810dda8d7329770c52bc7ca9428119e3
4a9f6c38a5229b0a3ec312dc66a7032c0b35ceb0a4d46c8589459ffb35fefe0d
4ac5a8b1357e198636ee837ae1db9515c90dff3197912422e879cc1a7367c4f3
4bbdb5662e9696112a753f6056b18b69fbafd6c58e0c0cf11ef234a62a644b06
4bdcac6e1108bb481c99ac98ebe6b6ff72ca43dcef5db84c491fe4e53dda998a
4d5f69088f263c5f7a7f2aac48d7e58f3e6a9ba487f6d6bab9463b2be8e5df98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e349e1907bab1b7fcb3db5468f072ee1d23609cc75025aac926e44177e3819a
4e3f936997d7dd15d74a03cdab3402ad7347310b4ce131d87805f2181bb1cb70
4f076d7b6c5c839fb1adb4ac9bd4d4262b24eda3aed728917a5993e201cf31cb
4fd7974fef2a87c5ddee4dba6d4868779fc1e1587a5f985a699d700bd47c2df9
55a74d1e02c6dd11a8c11e109e50c4668ddc390b1ebcc37ef4c8df158cf564cd
584a3a57616fdd0ceb79356f899203edb97ee3a8660677d866c80aecb818caf0
59090ff58225cf6ef00596f1e187eae64b1bf6354ecd6315987a96131e431dc6
5bfee6ffd01f588b0018ada70b464056882c941460f558ec0598233015e89ee3
5f663639b4106113b8c44f38b4cf406e0294b9d28c4978fb3dd7221a17d71639
608a584386bc8e9d68dc278d92cfd8c6efdd7d36de29161e50d8bfd0cd33d1a9
6098939f572870d05c4f55c73b7812c87a2c49ea472c17e21eecd93e979f4d36
618efd207cfa5d91bb019896ac241ad79f49b66c9d7330d43bc6211e55129a67
6192a37252732229d814509a7d42395c35235fe57e5460f5a2866a935bfc624d
61a57024ca22ef4365e6db45215225c10b75005d83840e6b16159c65afa53d9e
61c56e3fd85ee52e9fbac670b4c078e68395e2afce05f017b38a9d03e14cd80b
62b338caf89fbe98a2df5026edefa2ed6c1bb4a46bb26f7cbcf2a3d95a51dc75
64015e9e159e9145c7ee9abd8c9e101eb76964740d14cf6acf42f97c0f2ff22a
651fe540b140c022ca2d64f6af1a63961b9e3b85093136e5cc9322eb1f75206c
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
657ea2e27915058b447289b888d316c106356f81137108b94075c14023884481
65d2108ff73a770b00d4cffc91aeb94237ab5a49181ab9f2a94803a4d310ded5
6628cd8277486f26d204fd35f6f688c157eba88131e4f4b27b8a9970368f0898
66f25c873dbd0db61620329804564bf39613d18bc7797da99dd6bf57bf18955c
67034834a28d523c920d060d4a42d9fb3e291d81e0a6adec19589213e78f3f26
67ccdaaa1b11ac347f2fe09d212b53045e7ea811c90b62c572e19bd89d2d263c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6abbfc0c748359e96f5356c294ba912944121092457f93c622b6a3190b1c3700
6acd6530f3307c1ca3acad63a88d4905891624f97837bd73b2afcd43e641025e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0ebe06afb96c7dc3fd83c26b9ace3b7ab62104ff27049787c6ef32023e67c6
6dde141bdbbf1ce88a02ac30deb741afc0fae49111c534015d86943ac6c43100
7195632391298bdf0239c86226d59d80bf655d9cdb9c50daa993c81fba29bfd0
746bf78dbd28d668ecb839ee309b8c336736cd0fc9ae82cccb07815668287669
7470d96d65299f4b9b10053228b1ae4211f9513a63c09a086116987b469cdc2e
74787b3b939b28ee3b2221753a65cba0de28e0f3804597e4b75fe5c7cfd7c6c9
747a726795dd75b7a092b7174f4bda27c43614336623beb0d5265f7e9017d524
75a87762b324173bf0eccc7db69c6f23c18fd294b86d43dae358ee3c68f17f60
767d6655dbcbdfd5c522e951e575c385d41c97e211b6d020ab9c37c6f4122adb
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
7a6afde6bba3a64ba2ff3a786a29b19d19a0f411df7fb5b92e7651c3a5f9bc58
7a7290df4c4a0885758f65e0910f8824d3d9f71a13629818a392546f9e6bee50
7aa570c8330a223b8ee468f861d0e08269d5897d550f14eb20a5fda9636376f9
7b8b8110fb79949f45e9fdcda47c4e28040b2cd94dc809c9b013010e8acd6e6a
7ba8aed6bc678c0876e330ba57c0afefba5097991320b0825588f1ce824ec67a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c601d4676fde2d9005955fb79c2970b3b9a1b1ab23be2cc5f7d031be98bd0b1
7d5b3f49f726aefa4c8875e523e916c0bcd34492f68026dda1048434aac60763
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80928ae8cba23f04b45e38448a4a4979c5f9f2538779ce66d57c8c8882c0bc82
822f724154a846c9fda943a5d27d0fbd978f9f9c444b811aae26af60341f433a
83944cd557f8d63d1515a876eeaf774e2cdbe507a1d0d768c767179477634cc9
8428f70596d16b25d5914602449c5b0592cf8ffa296974f3ba4fa42f21ab718f
843688fc97c2bb33c651ea9bd701286943428b31366824337e0ee94d3a139a35
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8683211f6eacc4a34b8fc528d729059e1e955bf6f1431510725b97e2c0344d19
86a2ccfbd1d3e55c7635b26466be0ef185335de1977e4655443345e093fd459d
88978083addd844411f3e046964ba8ee571f6cc94460236b363d8cbf872550e2
896239692a6fbd88e0c6813271874475868a0dd30bb1f333f5b288611df48e54
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a50aee7a0f243cdd2d6d2490bf584fb0134f1812894258b1d343decc90a9a4c
8c127088acbfa8bbf89acad6ea4b3dd2319ba42d0e9f9e64a4971d0f4425eff1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8a2e3881800dce4ec285c50a8d5ffefe290a52f1b1413bcc3023ad1bf20b68
8ff9d2201369fad808efcf900cbbc5f182dca5f32aef58231b032c06624beeab
901a236b39e67a768b67abd96f39b944b85ea38f42fae1739a5c1f355c0a2f8e
90fe59af0e407d23de8b58c8245dc3af9ae6c718fc979f2dc409320e3fe8c008
91b90ddbcb8cbdf254ba958a29068fa20102ca2aec83b09d9eb6e64e81f2eb4a
9202755bbc28f04b665c0530b16222d29068d3d7707ac8b18a0f9ce481916f20
95c1d28f03c48c49e64ccc3ef9a6fe58ed24739228ff192b85a042ef98de501c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b18e7bfca8064c887385c5cf57bdbcb6f7d263d0fb9cb320d94bc1f82a62a7c
9c783825f2f362ae3beae6eba44895610045a39fef497346226ffc8fa54c7290
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fbd164b63bc0cc4d7991ef4bcead08cb17de014b17fd6f7191e5bc5fe4dd4f5
a04b8a5d9cdeeab94e476ad0f46d6b4fa54fc6adba0ee2d005ad0bbeee5e2b46
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3c60313ae4c1d3565ce0cb407e797f5fec73351f5a3e0252966405161bc17e5
a65ef7f24df455836a4a5abef14743fe86bad330077e80f52ae00684fee02716
a6b1dcf5bd213819961caaf5d47d6bb32aae383c9f8cb3d42c9f9fa59995c092
a854d07d030810900d4033f285b35ebdf296a19778413da737d1fd2bc5d23d0c
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a912fc66911606d475f5615e349aea439944aec0ede9bcbde1e97dc8813b00be
a963310ab67dcb696649cafa48fa34032b50b4335b68c67d49b50c7e4741400d
ac58225491d1a091ebca255966d2035c136dfe5d9d89e98b6da63a890da3a056
acc862667cd47cf426ffb93b0f07c7f7039126c5a1a9057b06fd4f82054cfaf7
ad5142275511eff45ea3b2aa944d959a8c9ac690f40093a95d860e7dc870aa6a
b122328d0677ff5899b273e6abc80016195ebb04f4739f82b8eeef4d14361a96
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c56e7b446d05b3abf59717e8f04f167edeff69575830732f6bf09e35952550
b26b962e5dac3e142936e1aa5a1c748080aa09ca90abe247507b2661e105cc1e
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b744c892362d9520abc29b5366640271d9d41fcfde0b40603f659bc852091e73
b9f9c7fcce0dc58d5324b37157ac86486d22284f8643d972e7edf356ca326f27
baa45c05e4aba63e0c3ff913a01024d58f65e4da2597bf3b15cada6055c2d3f9
bccf7cea66bb7a4e68e65edcb95f2164150a03a9b78289f281e9d339c1471482
bd2cd10f7fef068f139f497066a7565849b33e3d7b53ef32136a8a43665c98c4
bdc01628d140ab47211795eac916f85c71c4114eae0e5dc6517064dd73cdb233
be4498060bce703dd1cf670e33f2a5c5e4c3e5a7c29063a8e2a149db93570a46
bea26b1a955f5324ed40ef1dfea84bdf250897e9b2c8624ab9c158e1fbcfa2dc
bf87933936cb35a698b2e45919a36bd2d8c3bdc9e87e2598ed333c14259ea935
bf8b6cd6b1ab67d65f9cb45bbfa42da38691c40f0361b4b46802b71727c2426d
c1b64d437d4702456168fbcc8bf17ebd0e06b4461e633ace58317b477d1c5f7d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4ceb32f3b32dfe591ed181292f10d921a73aa90bd126d5f1978bb11631789e0
c61fbca8f37d20dc4a635625f00e72a2f5c602c9805d57a7d777a6b5c514ea13
c651e10b8f905e2fcf5d4969b88ae86cc2a5c247a67ddc36bd1ae3efc6e47067
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac535c498691b747ca460edcb3a6229b1142a565b864c2ac9ec91dd0721c0fb
cd61f50814727a6ce42c82e6fffd3630476b83c87033d8bd3574ec9fa1ad8434
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0994c7b5fc48506baaccf722aa2489db0beba3521314128b45b9707ceb0e394
d21e924edcd91a26b09aad9cb10eb162bc70b5372b5db33790291203a40b6f46
d2526967bfca0c77fff7c5a03c5066c9389fb5e9b3c11fdb39fd65d81a2cfa22
d2ef4f6a307251490c09af3046a2ca7b06ebae5d6585c9d688413e568e217f17
d42dc8572f37c938ac5ad372e8159588baafaef3557d60f784b32ae9b9f1104e
dacf7c48f0b0e62443daafe305d60a041e7abc6150aaed941739731f1a5f5d9b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddeff61fd49d5024920a8b594db83850568a162235e0c7f54a04b5a0c4bd061a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de33655993e6ec99173a5ef0c1b7361046aa3d4fd9799501448211857f32caa5
e202c3c23ac2e8ebd64a4f47a319a0ff7c943194278e4a4515be6297bb6d179f
e33aff4ca739b86dd3b5579ff66a28d6df3e16caf0341f9797669cc9eecd8f27
e382da33f35db7181f101e2f0894ec1cc42c83db29ba5fd1dc3c52381e65a658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5737ddee12b1e62c9c62099262dc06075f03f490237de274d54eb9592330c4b
e58203a1b61504d22706134aaefd68ca88c2e7969ffe21b6910189e2bdeed312
e5ce48322b9a7efe2fcdb1284193ca476aad7ff4084ad203026a2f59f204c133
e5d94d439e6670182f082e45bbbc8ed71d707637b3b7253d6945ca7c852331f2
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e729a5534388cb60d221c5752ef1fd26f297aa9e3f70b599c8fe514fbf6acfad
e756f3e957774e96bea2e286f21c9bd020168663b7d1d137ce3bfad6eeeac9b0
ecd524e5fb093bce7a0cd7cad8b9e71951a16c069022f7596260c65b13c4a323
ee197417aefc3d92a3f5d06f1ef46a0bbbc362674e226373ebe4e9a4269d5880
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f3314d491a8486a858d76c54b24773f84f4b222cc5be918670a78daaf398d
f258ad98e587de6f01fcc6f2bc2eba79e08ef9c6f7711dbf9c9a97cbf96f17b3
f560ef51d47e36158a7122135ebb881eda3ea0fc010728c0451a61efa6c2d51a
f650f70bd4a8e7ce25699e594dde50a2817bd8cf94f8b591b9468c08095e366a
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7dce684f4228173bd693935a544e7116ebd5755b5f20dccd1f2be6ff2b2ac48
fa120033dfca7d27ed6f4825b40e48a85f1c4e02c284df6ac8cc2182f26baed7
fa90aed9f1ce6927165ed7dcadb3badb46c289be683639060792a4ee8101b3b9
fc56b66fec7c2d014e2b7f2688fed583946691a8c4043021ba571c7ea9609565
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd2699c85e30ba1693594fd4cbfdc0c88d16457325d2dfcd25398317fe24a5c9
fe097b55ffc325b4d3eeb4ed7ccd305cf0931b182e80187715f4dcd195e23100
fe6efeeabe838833f364498ef28eebc0cd26e2b604e74685dfecf3d0d9637ea8