www.29news.com Open in urlscan Pro
2a02:26f0:480:f::213:7ecc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Submission: On December 21 via manual (December 21st 2023, 5:56:01 pm UTC) from US — Scanned from DE

Summary HTTP 371 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 71 IPs in 7 countries across 56 domains to perform 371 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ecc, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.29news.com.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.

This is the only time www.29news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a02:26f0:480... 2a02:26f0:480:f::213:7ecc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a02:26f0:480... 2a02:26f0:480:c::210:f18b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
3	52.222.175.65 52.222.175.65	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:264... 2600:9000:2646:fc00:b:5584:2800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:244... 2600:9000:2449:b800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:d56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
4	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
105	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:480... 2a02:26f0:480:980::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
1	3.210.129.105 3.210.129.105	14618 (AMAZON-AES) (AMAZON-AES)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	13.227.219.102 13.227.219.102	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2600:9000:20a... 2600:9000:20ab:3e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:18d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a389	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.211.52 199.232.211.52	54113 (FASTLY) (FASTLY)
3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:6... 2600:1901:0:636d::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1d::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:bda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:49ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 18	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
5 23	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
6	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2.17.22.25 2.17.22.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.229.112.134 3.229.112.134	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.218.55 18.66.218.55	16509 (AMAZON-02) (AMAZON-02)
1 1	95.101.54.99 95.101.54.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.101.54.145 95.101.54.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
6 6	34.199.75.211 34.199.75.211	14618 (AMAZON-AES) (AMAZON-AES)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 6	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:cc3... 2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5	16509 (AMAZON-02) (AMAZON-02)
1	52.213.118.96 52.213.118.96	16509 (AMAZON-02) (AMAZON-02)
1	3.228.157.65 3.228.157.65	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	54.88.121.69 54.88.121.69	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:d29... 2a05:d018:d29:3601:7018:7dc3:a4e8:e820	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.194.101.149 54.194.101.149	16509 (AMAZON-02) (AMAZON-02)
6	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	18.65.39.29 18.65.39.29	16509 (AMAZON-02) (AMAZON-02)
371	71

9 2a02:26f0:480:f::213:7ecc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.29news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:480:c::210:f18b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-wvir-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.175.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-175-65.cdg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:fc00:b:5584:2800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3agakyjgjv5i8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2449:b800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

105 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:980::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd312.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.129.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-129-105.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-102.ams54.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:3e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:1b::1724:a389 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-config-prod.api.arc-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.211.52 (United States)

ASN54113 (FASTLY, US)

apv-launcher.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:636d::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

operationchicken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bda (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:49ae (United States)

ASN13335 (CLOUDFLARENET, US)

counter.snackly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.64.151.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.22.25 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-22-25.deploy.static.akamaitechnologies.com

gray-config-prod.api.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.112.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-112-134.compute-1.amazonaws.com

powa-ingest-prod-us-east-1.video-player.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.218.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-218-55.mxp63.r.cloudfront.net

gray.video-player.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.99 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-99.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-145.deploy.static.akamaitechnologies.com

kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.199.75.211 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-75-211.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.118.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-118-96.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.157.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-157-65.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.88.121.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-121-69.compute-1.amazonaws.com

ioms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:7018:7dc3:a4e8:e820 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-29.ams1.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
127	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 c2.taboola.com — Cisco Umbrella Rank: 9052 pm-widget.taboola.com — Cisco Umbrella Rank: 3686 trc.taboola.com — Cisco Umbrella Rank: 648 vidstat.taboola.com — Cisco Umbrella Rank: 3027 am-trc-events.taboola.com — Cisco Umbrella Rank: 15316 images.taboola.com — Cisco Umbrella Rank: 1870 wf.taboola.com — Cisco Umbrella Rank: 3217 am-vid-events.taboola.com — Cisco Umbrella Rank: 14680 imprammp.taboola.com — Cisco Umbrella Rank: 15008 am-match.taboola.com — Cisco Umbrella Rank: 15404 vidstatb.taboola.com — Cisco Umbrella Rank: 5135 videos.taboola.com — Cisco Umbrella Rank: 6055 pips.taboola.com — Cisco Umbrella Rank: 1659 cds.taboola.com — Cisco Umbrella Rank: 1860	4 MB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	506 KB
23	casalemedia.com 5 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	15 KB
22	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 610	81 KB
21	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	198 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	96 KB
19	arcpublishing.com gray-wvir-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 751848 gray-config-prod.api.cdn.arcpublishing.com — Cisco Umbrella Rank: 30034 powa-ingest-prod-us-east-1.video-player.arcpublishing.com — Cisco Umbrella Rank: 23950 gray.video-player.arcpublishing.com — Cisco Umbrella Rank: 37924	451 KB
16	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image6.pubmatic.com — Cisco Umbrella Rank: 793 t.pubmatic.com — Cisco Umbrella Rank: 3146	176 KB
16	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	82 KB
9	piano.io api-esp.piano.io — Cisco Umbrella Rank: 13615	29 KB
9	29news.com www.29news.com	667 KB
6	liadm.com 6 redirects i.liadm.com — Cisco Umbrella Rank: 517	3 KB
6	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644 cdn.indexww.com — Cisco Umbrella Rank: 1640	5 KB
6	criteo.com gum.criteo.com — Cisco Umbrella Rank: 424 dis.criteo.com — Cisco Umbrella Rank: 550	2 KB
5	bfmio.com ioms.bfmio.com — Cisco Umbrella Rank: 12536	3 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	1012 B
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2305 kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2306 fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net	1 KB
3	createjs.com code.createjs.com — Cisco Umbrella Rank: 1586	188 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	226 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767 mab.chartbeat.com — Cisco Umbrella Rank: 2658	26 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	198 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	946 B
2	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	551 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	128 KB
2	ad4m.at ad4m.at — Cisco Umbrella Rank: 11359
2	adroll.com d.adroll.com — Cisco Umbrella Rank: 1380	361 B
2	snackly.co counter.snackly.co — Cisco Umbrella Rank: 5407	284 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	operationchicken.com operationchicken.com — Cisco Umbrella Rank: 21308	877 B
2	minute.ly apv-launcher.minute.ly — Cisco Umbrella Rank: 4993 snippet.minute.ly — Cisco Umbrella Rank: 7138	39 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1309 c.go-mpulse.net — Cisco Umbrella Rank: 595	51 KB
2	reconditerespect.com reconditerespect.com — Cisco Umbrella Rank: 27541	29 KB
2	queryly.com www.queryly.com — Cisco Umbrella Rank: 11671	9 KB
2	cloudfront.net d3agakyjgjv5i8.cloudfront.net	87 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	301 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	274 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2417	317 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1596	250 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274	270 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	759 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 3764	444 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1383	423 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	626 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1014	35 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 563	433 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	508 B
1	akstat.io 684dd312.akstat.io — Cisco Umbrella Rank: 68677	202 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	arc-cdn.net gray-config-prod.api.arc-cdn.net — Cisco Umbrella Rank: 29266	4 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 602	481 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1345	612 B
0	rlcdn.com Failed api.rlcdn.com Failed
371	56

	Domain	Requested by
80	images.taboola.com	cdn.taboola.com
24	s0.2mdn.net	www.29news.com s0.2mdn.net ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
18	ib.adnxs.com	4 redirects ads.pubmatic.com acdn.adnxs.com
16	cdn.taboola.com	www.29news.com cdn.taboola.com
15	gray-wvir-prod.cdn.arcpublishing.com	www.29news.com gray-wvir-prod.cdn.arcpublishing.com
14	securepubads.g.doubleclick.net	www.29news.com securepubads.g.doubleclick.net ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com www.googletagservices.com
10	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
10	am-trc-events.taboola.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
9	api-esp.piano.io	www.29news.com code.jquery.com api-esp.piano.io
9	www.29news.com	www.29news.com
7	ssum-sec.casalemedia.com	3 redirects js-sec.indexww.com ssum-sec.casalemedia.com
6	t.pubmatic.com	ads.pubmatic.com
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	i.liadm.com	6 redirects
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	htlb.casalemedia.com	ads.pubmatic.com
6	aax.amazon-adsystem.com	c.amazon-adsystem.com
5	ioms.bfmio.com	vidstat.taboola.com
5	match.adsrvr.org	ssum-sec.casalemedia.com am-match.taboola.com ads.pubmatic.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	hbopenbid.pubmatic.com	ads.pubmatic.com
4	cm.g.doubleclick.net	4 redirects
4	acdn.adnxs.com	ads.pubmatic.com
4	ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	ads.pubmatic.com	www.29news.com ads.pubmatic.com
3	code.createjs.com	s0.2mdn.net
3	am-vid-events.taboola.com	vidstat.taboola.com
3	www.googletagservices.com	ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
3	cdn.indexww.com	ssum-sec.casalemedia.com
3	dis.criteo.com	ssum-sec.casalemedia.com
3	js-sec.indexww.com	ads.pubmatic.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	trc.taboola.com	cdn.taboola.com
3	gum.criteo.com	cdn.taboola.com ads.pubmatic.com
3	www.googletagmanager.com	www.29news.com www.googletagmanager.com
3	c.amazon-adsystem.com	www.29news.com c.amazon-adsystem.com
3	cdnjs.cloudflare.com	www.29news.com cdnjs.cloudflare.com
2	id5-sync.com	ads.pubmatic.com
2	ad4m.at	ssum-sec.casalemedia.com
2	d.adroll.com	ssum-sec.casalemedia.com
2	powa-ingest-prod-us-east-1.video-player.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
2	counter.snackly.co	snippet.minute.ly
2	operationchicken.com	reconditerespect.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	reconditerespect.com	www.29news.com
2	www.queryly.com	www.29news.com
2	static.chartbeat.com	www.29news.com
2	d3agakyjgjv5i8.cloudfront.net	www.29news.com d3agakyjgjv5i8.cloudfront.net
1	sb.scorecardresearch.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	videos.taboola.com
1	ups.analytics.yahoo.com	am-match.taboola.com
1	pr-bh.ybp.yahoo.com	am-match.taboola.com
1	imasdk.googleapis.com	vidstat.taboola.com
1	vidstatb.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com
1	wf.taboola.com	vidstat.taboola.com
1	fonts.googleapis.com	cdn.taboola.com
1	www.google.com	tpc.googlesyndication.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	p.rfihub.com	1 redirects
1	cm.ctnsnet.com	1 redirects
1	s.company-target.com	1 redirects
1	um.simpli.fi	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	gray.video-player.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	gray-config-prod.api.cdn.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	image6.pubmatic.com	ads.pubmatic.com
1	684dd312.akstat.io	s.go-mpulse.net
1	snippet.minute.ly	apv-launcher.minute.ly
1	www.google.de	www.29news.com
1	region1.analytics.google.com	www.googletagmanager.com
1	apv-launcher.minute.ly	cdn.taboola.com
1	gray-config-prod.api.arc-cdn.net	d3agakyjgjv5i8.cloudfront.net
1	c.go-mpulse.net	s.go-mpulse.net
1	static.adsafeprotected.com	www.29news.com
1	code.jquery.com	api-esp.piano.io
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	ping.chartbeat.net	www.29news.com
1	mab.chartbeat.com	static.chartbeat.com
1	s.go-mpulse.net	www.29news.com
1	c2.taboola.com	www.29news.com
1	polyfill.io	www.29news.com
0	api.rlcdn.com Failed	ads.pubmatic.com
371	97

This site contains links to these domains. Also see Links.

Domain
www.circleallaccess.com
www.investigatetv.com
www.graydc.com
www.vuit.com
www.facebook.com
www.nbc29.com
quelancepitylus.com
adventure-shop.at
popup.taboola.com
teavishedconers.com
bredings-person.com
click.gamingtrk.com
www.artikel.enpal.de
www.aroundhome.de
argainstwingest.com
safesly.com
veration-cellyric.com
www.solaranlagen-magazin.de
om.forgeofempires.com
prough-veridated.icu
shefence-citional.com
welighly-itario.icu
4jntts.zbrjtstrclnm.com
pro-verbraucher.info
www.goldtreu.de
maximparerurehab.com
gosearches.net
www.audibene.de
searchlinksnow.com
wtfacts.net
publicfiles.fcc.gov
webpubcontent.gray.tv
wvir.graydigitalmedia.com
gray.tv
www.queryly.com

Subject Issuer	Validity	Valid
gray4.web.arc-cdn.net R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2022-12-12` - `2024-01-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-02` - `2024-01-01`	a month	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
reconditerespect.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
api.arc-cdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-03-24` - `2024-03-25`	a year	crt.sh
*.minute.ly R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
operationchicken.com R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.snackly.co Sectigo RSA Organization Validation Secure Server CA	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.api.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2023-05-02` - `2024-05-12`	a year	crt.sh
*.video-player.arcpublishing.com Amazon RSA 2048 M02	`2023-11-15` - `2024-12-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M03	`2023-11-28` - `2024-12-26`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Frame ID: CD2DAD8AF4DEDF055D345D112573E2DB
Requests: 263 HTTP requests in this frame

Frame: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9226453BE3FDDCC01B27443F16504C15
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6816AE0D7E7552690535CA9A35724ACE
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 150BEB39F5185C25CECDC7AF4DA737AA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCA261ED5E5A64D943201A9B3DCCE1CA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 00AAFCDA917D61308C736E5C99D93A1C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6B835561B132CFE8A16EBCB04FCD86B7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 89E509AB5ED8D2EC3B9218668D1DE5CA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CE22DF2EC05D3CC882D57F1A74739CB8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 33A935B4AC7D398A28C36CD06E9B2D0C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 18EC5E946482A65186D2ED2AE99A1967
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B587D2C96D9CFDBF1F7ED7D1586E28BA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 48908B02BFDAD9FDB4A5D9C88C32F5B8
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 90D9E167E9FD38F0EFA8E8A7F23E00AB
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D7219215A95D1B82B54A1C582BE7569
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9D6CFE47F71DDDFE8C4B3784D0DE311
Requests: 2 HTTP requests in this frame

Frame: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1991EE53CA8FC0C6E799E643763BAC06
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
Frame ID: FA6A8A924E23DC38A16DC500B598895F
Requests: 8 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D8807F17B22DEC4D803166CD44A43C66
Requests: 4 HTTP requests in this frame

Frame: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 65A127AE5E54DDAAB1C550806A643EF8
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
Frame ID: B089D418BF70DB3F92A0DED4CBF0D2D9
Requests: 8 HTTP requests in this frame

Frame: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ABE02B7B462DABE622BBB7E60902CF0D
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
Frame ID: 376AB854EA516A97E0623B71CAF9AC63
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crozet group knitting hundreds of caps for newbornsShare on FacebookEmail This LinkShare on X (formerly Twitter)Share on PinterestShare on LinkedInGroup 3Group 3Group 3Group 3

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

371
Requests

94 %
HTTPS

48 %
IPv6

56
Domains

97
Subdomains

71
IPs

7
Countries

7622 kB
Transfer

19017 kB
Size

42
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: InvestigateTV

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.vuit.com/publishers/355/wvir
Title: Watch Previous Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NBC29

Search URL Search Domain Scan URL

URL: https://www.nbc29.com/page/submit-a-story/
Title: here

Search URL Search Domain Scan URL

URL: https://quelancepitylus.com/0438e27e-9ed6-4e35-9945-1e86b1d4f33a
Title: Knauermann

Search URL Search Domain Scan URL

URL: https://adventure-shop.at/products/stirnlampe-led
Title: Adventure Light

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-wvirnbc29&utm_medium=referral&utm_content=video-reel-sc:Video%20Reel%20Above%20Feed:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

URL: https://teavishedconers.com/8bf295b7-c209-4328-8356-4bf7e1f6f197
Title: Thermo Alpin

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-wvirnbc29&utm_medium=referral&utm_content=thumbs-feed-01-a-text-over:Below%20Article%20Thumbnails%20New%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://bredings-person.com/7a9920f4-d67c-4782-9847-08ce4b0b707e
Title: Deutsche Neuro

Search URL Search Domain Scan URL

URL: https://teavishedconers.com/ed42a4c3-dbe3-4473-bc2b-a48df63e5af5
Title: Profibohrer™

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-wvirnbc29&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20New%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://click.gamingtrk.com/5247e408-e801-4da4-a709-9968b50f3204
Title: RAID

Search URL Search Domain Scan URL

URL: https://www.artikel.enpal.de/artikel/grosskonzerne-erschuettert-solar-guenstiger-als-strom
Title: Enpal

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/treppenlift/formular/
Title: Treppenlift-Vergleich

Search URL Search Domain Scan URL

URL: https://argainstwingest.com/b05d84af-5c81-4add-b0f3-ce171c5f4c7a
Title: Feldluft

Search URL Search Domain Scan URL

URL: https://safesly.com/9597750f-4070-4a54-9822-830513702ebe
Title: Pflege-Ratgeber24

Search URL Search Domain Scan URL

URL: https://veration-cellyric.com/ae5cf1ad-1f2b-4d7c-93aa-29fc47cec740
Title: Game of Thrones

Search URL Search Domain Scan URL

URL: https://www.solaranlagen-magazin.de/artikel/photovoltaik-2023-deshalb-ist-dieses-solarunternehmen-so-beliebt
Title: Solaranlagen Magazin

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/
Title: Forge Of Empires

Search URL Search Domain Scan URL

URL: https://teavishedconers.com/7b77ca26-36e6-43bf-b982-4f602faf3532
Title: TurboClean

Search URL Search Domain Scan URL

URL: https://prough-veridated.icu/fc1524ea-e06b-4e78-8dc5-fce2fde55d14
Title: Techno Mag

Search URL Search Domain Scan URL

URL: https://bredings-person.com/f7736266-1593-4e7c-a15f-170d64b3724b
Title: Tinnitus Research

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/b4c27dee-49e7-4b35-b3e3-738d85f6259e
Title: Nutra Myco

Search URL Search Domain Scan URL

URL: https://welighly-itario.icu/f144a628-ac3c-4ec8-8156-d820f2be83bc
Title: Diesel Check 2023

Search URL Search Domain Scan URL

URL: https://bredings-person.com/a0c7ac7b-3e70-4860-a038-bc47a7c4da97
Title: Seh Protokoll

Search URL Search Domain Scan URL

URL: https://4jntts.zbrjtstrclnm.com/
Title: SUV | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/kostenlose-beerdigung-tb-l2t/
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://www.goldtreu.de/products/ring-umarmung
Title: Goldtreu

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14
Title: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/f04b78f6-a4d4-4532-8454-2337b084513b
Title: Solar-Vergleich

Search URL Search Domain Scan URL

URL: https://gosearches.net/index.php
Title: GoSearches

Search URL Search Domain Scan URL

URL: https://www.audibene.de/d/revealing_magazin/
Title: audibene

Search URL Search Domain Scan URL

URL: https://searchlinksnow.com/direct/home:service:heat_pump-de-de
Title: Wärmepumpen | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://www.nbc29.com/video/2023/11/28/albemarle-schools-consider-schedule-change/?utm_source=taboola&utm_medium=organicclicks

Search URL Search Domain Scan URL

URL: https://wtfacts.net/trending/erinnern-sie-sich-noch-an-diese-legendaren-promis-so-sehen-sie-heute-aus-taboola-sc-michaela-schaffrath
Title: What The Facts

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-wvirnbc29&utm_medium=referral&utm_content=rec-reel-sc2:Below%20Article%20Thumbnails%20New%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WVIR-TV
Title: FCC Public File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/wvir-fcc_applications.pdf
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/api/manager/download/ef129121-fbd7-88b0-8fb4-157285cee286/ffc4a01b-79e4-4b77-a4bf-ebe60b2a5461.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://wvir.graydigitalmedia.com/
Title: Digital Advertising

Search URL Search Domain Scan URL

URL: https://gray.tv/optout
Title: YOUR PRIVACY CHOICES

Search URL Search Domain Scan URL

URL: https://gray.tv/uploads/documents/Gray-Television-AI-Policy.pdf
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

URL: https://www.nbc29.com/video/2023/12/08/albemarle-county-police-department-investigating-stony-point-road-homicide/?utm_source=taboola&utm_medium=organicclicks

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-wvirnbc29&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-wvirnbc29&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.nbc29.com/video/2023/12/10/18-year-old-killed-after-canceled-facebook-marketplace-sale-police-say/?utm_source=taboola&utm_medium=organicclicks

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pmf2elvmh HTTP 302
https://kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 123

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pmf2elvmh HTTP 302
https://fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 125

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 126

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 127

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 128

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 129

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 130

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 131

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 145

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYR8Kr5NX2qgqrzxiEBP0wAA%263344&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYR8Kr5NX2qgqrzxiEBP0wAA%263344&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=134768e379bf4e9daf40c51ad6999e93 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLoIla8SAj2qjP7BxLzOM4&google_cver=1

Request Chain 147

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 149

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ok8_RqMZNRO5TmJDoU0qQ6UeY0G5TTdBoUNkQyLh

Request Chain 154

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KljYpv8I0Fjs3kY54gAAFGQAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KljYpv8I0Fjs3kY54gAAFGQAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 155

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYR8KvLE93RWeOdPB94-jAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBQiYjTyWMiB9I2apkIrb9s&google_cver=1

Request Chain 157

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYR8KljYpv8I0Fjs3kY54gAA%265220&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYR8KljYpv8I0Fjs3kY54gAA%265220&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f3d79340fcd249078282624d21a9b03d HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 159

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4343C735FF0B4F99A3C8A6C064786F76

Request Chain 160

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718992554&external_user_id=104596d3-8dc0-472a-91b8-00a470c80a12

Request Chain 161

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3feef54b7f9a43148cb1c6c92f8862ac&expiration=1705773354

Request Chain 163

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KvLE93RWeOdPB94_jAAAFIQAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KvLE93RWeOdPB94_jAAAFIQAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYR8KvLE93RWeOdPB94-jAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJRhdqUmbcva6n05Rp9iDo&google_cver=1

Request Chain 165

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYR8KvLE93RWeOdPB94-jAAA%265252&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYR8KvLE93RWeOdPB94-jAAA%265252&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=16d000b84b704e02a9d64ec13b833102 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 168

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588528177236041

Request Chain 169

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=c6d43337-dd44-4d87-8a9a-b31b50213a6a

371 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/ 221 KB
38 KB 6191ms
910ms Document
text/html 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4e8b78c2aa70f6522adbdbd545bfd76e4a659e99a5d6bf389e33d38b63d33109

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-length: 37771
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 21 Dec 2023 17:55:52 GMT
etag: W/"3606a-aukIObj2esoJCUCccVGlQ2UUMwk"
expires: Thu, 21 Dec 2023 17:56:52 GMT
last-modified: Thu, 21 Dec 2023 17:55:52 GMT
prerender-cache-tag: prerender-gray-wvir-prod-02220c9c
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=441 origin; dur=424 ak_p; desc="1703181347926_34831756_1543548358_86346_5212_524_3615_255";dur=1
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 35839 0 pmb=mRUM,2
x-amz-cf-id: -GciQI8qmjjANq30Vs6t1B03WVDeZqi-A2Gj9NICl7cFFv26Thf1kA==
x-amz-cf-pop: ORD58-P3
x-arc-pb-request-id: 1ed1c5a8-75de-444d-9e26-f2e857d7926e c82012a1-1517-4aad-9230-4f7b98ffc9a4
x-arc-request-id: 0.8c7d1302.1703181351.5c00adc6

GET
H2 200 react.js Show response
www.29news.com/pf/dist/engine/ 844 KB
183 KB 98ms
96ms Script
application/javascript 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.29news.com/pf/dist/engine/react.js?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

ed3e82982709c80b6c44ba9d0657462f258df046c52409702e5f3f06ccdcfd51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD50-C2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.8c7d1302.1703181352.5c00b6c2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352525_34831756_1543550658_25_1497_100_0_146";dur=1
content-length: 186244
last-modified: Tue, 19 Dec 2023 16:43:59 GMT
server: openresty
etag: W/"97485dc787ce34817aa7e30b1a22141a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: Vhd1gn9QyZOWSDEDS5APouyDZmEGBt9xrnmPf1CzUQGXEjsmc_2-_w==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 default.js Show response
www.29news.com/pf/dist/components/combinations/ 1 MB
275 KB 201ms
200ms Script
application/javascript 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.29news.com/pf/dist/components/combinations/default.js?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a1ce2ebc5559dd55f9d1b9aeb0df3d567623fb2ab8c25358d5c47eaaebfc7642

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: MIA3-P6
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.8c7d1302.1703181352.5c00b6c3
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352525_34831756_1543550659_27_1734_100_0_146";dur=1
content-length: 280658
last-modified: Tue, 19 Dec 2023 16:44:01 GMT
server: openresty
etag: W/"71e7a74e3051163ba9d92db913a2d8d0"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: DtXpmPE8NUhXYzLf0fFFTbIvXBdRzMJmNbtHI9yvSrpVYF_UnSYGXQ==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 main.css
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 82 KB
14 KB 213ms
96ms Stylesheet
text/css 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4bf01002.1703181352.2b6ef2d0
server-timing: cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="1703181352587_34664523_728691408_1556_4716_38_53_255";dur=1
content-length: 14170
last-modified: Tue, 19 Dec 2023 16:43:59 GMT
server: openresty
etag: W/"9e40a2a1a5a5fd1291cbb18863b4a93d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 70RkOLwgHI8SQiVs_hKBg5wUzNOsUb-NaCD0NiW6hmty1owtbH85Fw==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 main.css
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/ 99 KB
16 KB 163ms
46ms Stylesheet
text/css 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8da023dacb313554ad2b7cee7c0ff07b8887310911ddcd7af10bfb4f58736f0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: MIA3-P6
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4bf01002.1703181352.2b6ef2d1
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352641_34664523_728691409_88_4705_38_53_255";dur=1
content-length: 16022
last-modified: Tue, 19 Dec 2023 16:44:00 GMT
server: openresty
etag: W/"11a140f71d1cdf98a0d11e289d5f4a9c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: O3aqaom1MsKA1Odwa50aGJQHew3LL7YYFJeDfIK6mD5Y_i3MYvl7zQ==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 132ms
49ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1779951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7E87hGrXZPj9Q0OkBtxuF3LA5%2FphTSm3ikbeVYNPxEYb0ZTTXPPT%2FI%2FZdjosLLtkPE8g6HKF5UXmr1aEpZqsJoDUvwemnRKCPff9Pqft4UslCKvfiLsvO4CU42YF9nZ9w6PH4auahOiqJAHnkRzglcd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8391ff9dc91a4d52-FRA
expires: Tue, 10 Dec 2024 17:55:52 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
612 B 179ms
57ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 17:55:52 GMT
age: 168868
detected-user-agent: Chrome/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/120.0.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
884 B 194ms
78ms Script
application/javascript 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: ATL58-P6
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4bf01002.1703181352.2b6ef2d2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352641_34664523_728691410_48_4693_38_0_219";dur=1
content-length: 305
last-modified: Tue, 19 Dec 2023 16:44:01 GMT
server: openresty
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: fH7eymXpG4phKoi-lX_HdFBco8K_gl4M_4h9mtGIilYqpRb9oJmP2w==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 184ms
57ms Script
application/javascript 52.222.175.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.175.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-175-65.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:21:13 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, CDG50-P2
age: 2079
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 0yacaBZAD0vT4smBsHkbFMl_rCESEIZR47fWBuNgk1DzC7Q3yOLbXw==

GET
H2 200 powaBoot.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 16 KB
6 KB 140ms
41ms Script
application/javascript 2600:9000:2646:fc00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:fc00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 810d9203d0e7d3abce29279a90ab99c3472a19cd32a7b96a0e83ceca32064aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:51:06 GMT
content-encoding: gzip
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 19:12:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 291
x-amz-server-side-encryption: AES256
etag: W/"ea946e347a8a6d5fa1c533185389635e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: jWNuJqYXefJlEZ9iTqZJguhoiRKplVhBAQK9yzrV8OS16IW7YEccCg==

GET
H2 200 comscore.js Show response
www.29news.com/pf/resources/js/analytics/ 168 KB
49 KB 42ms
42ms Script
application/javascript 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.29news.com/pf/resources/js/analytics/comscore.js?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.8c7d1302.1703181352.5c00b6c0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352525_34831756_1543550656_20_1532_100_0_219";dur=1
content-length: 49862
last-modified: Tue, 19 Dec 2023 16:44:01 GMT
server: openresty
etag: W/"702fb2c84c6e8b364a6130cb860c7987"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: ABOpdWnDAF8ad3dwW9mS7pTUxohM-1re-Of8lp46q5yZNm2wBlGt_g==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 138ms
48ms Script
application/x-javascript 2600:9000:2449:b800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:b800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:35:21 GMT
content-encoding: gzip
via: 1.1 34dde22d7e4e8bb757cb687a7932a122.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 1231
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: FadHe8rrPqHcjlOEqi6g3FNo-cZLzCvG_VhcVE5TqZ9mhjdjxKJtgA==
expires: Fri, 22 Dec 2023 17:35:21 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 131ms
42ms Script
application/x-javascript 2600:9000:2449:b800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:b800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:18:33 GMT
content-encoding: gzip
via: 1.1 34dde22d7e4e8bb757cb687a7932a122.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 2239
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: j-lu8Kfdb1BsTsuEdQR7vi-8bOsVjdzoOGm0l68Uie3EvjT3G9PxSA==
expires: Thu, 21 Dec 2023 19:18:33 GMT

GET
H2 200 queryly.v4.min.js Show response
www.queryly.com/js/ 26 KB
7 KB 138ms
47ms Script
application/javascript 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.min.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 151f6b996cf32b6173b5cce91507a353c7fcf80aed4a778d8d5a2574fdef1f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 21:38:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16
etag: W/"80cb5bb3c332da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiwFmPyl9APKSXjiXvZ%2BJhV7%2BJUyg1b4bnHAw%2Bt6yaHIAJFCnAB3UVdpwFF4fCrIuXu1TL7XiglS3aQ0o7gP2XkcKYI4yXsj0w97%2Fp566g1MF6CoZ1Nt9%2BN0kLz7tJYP2Ul%2FvstqENRrsjPDpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8391ff9f8f9a91fc-FRA

GET
H2 200 KHBPMFXBHBHSTC3L6AUL6A5EJE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 8 KB
9 KB 195ms
79ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/KHBPMFXBHBHSTC3L6AUL6A5EJE.jpg?auth=ec111e08914fc5aede103883da11e7ecc2eb705de25e29d3ad480d4e72d828b9&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e4ec14e4646953ab750a8addd2eebfe53482197db38b9f84dc4dc89fea273ec0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 12 Dec 2023 16:53:45 GMT
server: Akamai Image Manager
x-serial: 262
x-check-cacheable: YES
etag: "21c7d5e871a4c70e1e08446351ec9734"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef2d3
content-type: image/avif
cache-control: private, no-transform, max-age=30754776
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352641_34664523_728691411_56_8525_38_0_182";dur=1
content-length: 8351
expires: Wed, 11 Dec 2024 16:55:28 GMT

GET
H2 200 75O6DNIWGNH6BKQVLQQFVU2USY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 12 KB
12 KB 203ms
87ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/75O6DNIWGNH6BKQVLQQFVU2USY.jpg?auth=326592df5f9b2188272bb65d2efa536fca3c0969e4b6e8b15a95398e5b255fe6&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d7b3d8230172df076ebf63390c12d9a422652db2806b14d02c9bb7f6f982a078

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 12 Dec 2023 04:24:28 GMT
server: Akamai Image Manager
etag: "912ae3b1ed91f205740c99d18a04286c"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef2d4
content-type: image/avif
cache-control: private, no-transform, max-age=30709689
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352641_34664523_728691412_62_8579_38_0_182";dur=1
content-length: 11914
expires: Wed, 11 Dec 2024 04:24:01 GMT

GET
H2 200 2EIN3QDV3JAM7H6YIPXQMVYOTI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 40 KB
40 KB 54ms
52ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2EIN3QDV3JAM7H6YIPXQMVYOTI.jpg?auth=d345a574cd15bc07eededd747bdc18388549a75bc26b4867f5a5e736aa9f0b00&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3401ced6f532dabb56bb8885559e3c32d7f1163c1cc10f60c22788be60cd34af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 12 Dec 2023 13:34:19 GMT
server: Akamai Image Manager
etag: "01925e51130840e7c2aad86522e9ed69"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef342
content-type: image/avif
cache-control: private, no-transform, max-age=30742771
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1703181352730_34664523_728691522_509_8246_39_0_182";dur=1
content-length: 40641
expires: Wed, 11 Dec 2024 13:35:23 GMT

GET
H2 200 LTWJ3DBGSVBTPFZALPUIV2GICQ.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 63 KB
64 KB 64ms
64ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/LTWJ3DBGSVBTPFZALPUIV2GICQ.jpg?auth=e8fa81690c68f65884285a31a86492bf5cd7f430bd29330f9855c34db44908f3&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4144d655236b3d76f29efe361fafabc5a105d33fa5e3d0b52f0c80c833d2dbe5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 15 Dec 2023 14:49:16 GMT
server: Akamai Image Manager
etag: "c93d3dcab87846b72eedb467a580107b"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef34f
content-type: image/avif
cache-control: private, no-transform, max-age=31006486
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352738_34664523_728691535_99_8431_39_0_182";dur=1
content-length: 64926
expires: Sat, 14 Dec 2024 14:50:38 GMT

GET
H2 200 HTCEUPLWJJDX3PSGHW3LL3Q4E4.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 19 KB
20 KB 63ms
60ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/HTCEUPLWJJDX3PSGHW3LL3Q4E4.jpg?auth=cfa586df265973987fa7387f378d73e9dd8437e0ed1c7d2e178567447c674da6&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1a13e29fab1da43215d2816a70443dc4086b72d1284c8efc7fc60824c2ae59f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 12 Dec 2023 07:41:44 GMT
server: Akamai Image Manager
etag: "5bc196c2f84955a56aa1726178f95527"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef389
content-type: image/avif
cache-control: private, no-transform, max-age=30721738
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1703181352798_34664523_728691593_318_17829_38_0_182";dur=1
content-length: 19858
expires: Wed, 11 Dec 2024 07:44:50 GMT

GET
H2 200 MJSLRBZ42VBORL4WXC3OFG3LD4.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 32 KB
33 KB 147ms
145ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MJSLRBZ42VBORL4WXC3OFG3LD4.jpg?auth=25ecb9bcaa31791c7a4ee1ddf5709aee6b45f489c7c4777d38f57aeb454c3b9e&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

986cb62d07143c81a180e9a89acca4ab436bca216830be89a61765af21e692ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Thu, 21 Dec 2023 16:07:20 GMT
server: Akamai Image Manager
etag: "4552d3d68f4269a745291f41a9018d1e"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef392
content-type: image/avif
cache-control: private, no-transform, max-age=31529454
server-timing: cdn-cache; desc=HIT, edge; dur=54, origin; dur=0, ak_p; desc="1703181352809_34664523_728691602_5819_14018_40_0_146";dur=1
content-length: 32832
expires: Fri, 20 Dec 2024 16:06:46 GMT

GET
H2 200 MECEH7WYLRFLJK7LJR46CTS6GY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 7 KB
8 KB 147ms
146ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MECEH7WYLRFLJK7LJR46CTS6GY.jpg?auth=1a1cd3640f3baabf0c778f517c6967b09f1a2f8cb979c34df5bbd87014a150d4&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9c80678132c31756a257203eba3f9a922fd8c5b7b974b9cbc9ab64a5b6e23a86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 15 Dec 2023 20:51:17 GMT
server: Akamai Image Manager
x-serial: 490
x-check-cacheable: YES
etag: "ec745707195bf2f61e764dfd304b78ac"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef393
content-type: image/avif
cache-control: private, no-transform, max-age=31028127
server-timing: cdn-cache; desc=HIT, edge; dur=67, origin; dur=0, ak_p; desc="1703181352804_34664523_728691603_6753_7995_40_0_146";dur=1
content-length: 7325
expires: Sat, 14 Dec 2024 20:51:19 GMT

GET
H2 200 2GHMDRSMV5B65F62GNZKQAWDCY.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 15 KB
16 KB 250ms
248ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2GHMDRSMV5B65F62GNZKQAWDCY.png?auth=11ac82172fed28cdaf992d4c368fae7313d82cb6867f0287ac036dceaecd17b9&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d45bcc295355e0fc981777b1326ea5b5bc1e2b57ce0293f24c42d9b16f74738a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400
last-modified: Wed, 20 Dec 2023 18:57:36 GMT
server: Akamai Image Manager
x-serial: 1915
x-check-cacheable: YES
etag: "5ca9500d1db6e1f6ad3c8ffc84a93cc6"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef394
content-type: image/avif
cache-control: private, no-transform, max-age=31453348
server-timing: cdn-cache; desc=HIT, edge; dur=195, origin; dur=0, ak_p; desc="1703181352804_34664523_728691604_19527_8010_39_0_146";dur=1
content-length: 15429
expires: Thu, 19 Dec 2024 18:58:21 GMT

GET
H2 200 ZVMTRCF4QJADTHHVWCKT6PRP4A.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 20 KB
21 KB 611ms
610ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ZVMTRCF4QJADTHHVWCKT6PRP4A.jpg?auth=18a220a24250a5f1f1a6e687ac81121c5ec026c1475f7e4e55c8dd7007f15706&width=800&height=450&smart=true

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4cc787b3422de053940d1ff6736ce187fb73b0d47dddd2ecdf2b5c70f6f5f102

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400
last-modified: Thu, 21 Dec 2023 08:01:53 GMT
server: Akamai Image Manager
x-serial: 534
x-check-cacheable: YES
etag: "520e520f09dd1ce56c5af0882a94193f"
x-arc-request-id: 0.4bf01002.1703181352.2b6ef395
content-type: image/avif
cache-control: private, no-transform, max-age=31500322
server-timing: cdn-cache; desc=HIT, edge; dur=552, origin; dur=0, ak_p; desc="1703181352804_34664523_728691605_55051_13526_38_0_146";dur=1
content-length: 20504
expires: Fri, 20 Dec 2024 08:01:15 GMT

GET
H2 200 v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw Show response
reconditerespect.com/ 72 KB
25 KB 162ms
58ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

705a0344ba91b225b31594577ec66e98084c564c6fa3842ca6a6e922532da4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Thu, 21 Dec 2023 17:55:52 GMT
x-datacenter: gce-europe-west1
etag: "ad91005911710f06a0cc90d7ffe3fa195f4d61a0809ec16d75cad1842bde8a5a"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-6lrn
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2sglPwD6cv16a0cnFC0rQ1CHpbVfM07j9ojCzxSbHxiBayPvsnqIuSLXL0EjVtTQDR7yhgNv36s Show response
reconditerespect.com/ 9 KB
4 KB 158ms
54ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2sglPwD6cv16a0cnFC0rQ1CHpbVfM07j9ojCzxSbHxiBayPvsnqIuSLXL0EjVtTQDR7yhgNv36s

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

53b988c3d873cd2c0c14d099834524858337e92c5a0a69884f102468a3d469a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Thu, 21 Dec 2023 17:55:52 GMT
x-datacenter: gce-europe-west1
etag: "1d1c3ac58c97fb802e11891fec60568f003c0af6dd9c96984da7be4f75ddf567"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-6lrn
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 147ms
50ms XHR
application/javascript 52.222.175.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.175.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-175-65.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 c9032f97f2aeb92c5a73eac6a8f1ae42.cloudfront.net (CloudFront)
date: Thu, 21 Dec 2023 02:36:02 GMT
x-amz-cf-pop: CDG50-P2
age: 55190
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: f1GGicIGZYgUUIQHlrURQWu71J-ck4sn4C3_ybFvBvCnjq2hdEVm0A==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 535 KB
162 KB 155ms
43ms Script
application/javascript 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2023 14:41:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=162653
accept-ranges: bytes
content-length: 165409
expires: Sat, 23 Dec 2023 15:06:45 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 142ms
52ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 14534
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Oct 2023 08:51:13 GMT
server: cloudflare
etag: W/"1bbec-18b18c87a69"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8391ff9f885b9018-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
66 KB 161ms
75ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f4698460ba3c33e8dd4dfe33177505e5f7f741b5e3fc49bec24d6c336c76583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66777
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Dec 2023 17:55:52 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 1 MB
85 KB 129ms
39ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c3a1477658a031f6abcd5b71fddaa2774e3284976ca2240440eda8f37069a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: SU62hfZwNbK8RY1GhxO3LWqt.ZHIJFSz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:52 GMT
x-amz-request-id: 2QD68V6TC4F78J92
age: 6676
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 86947
x-amz-id-2: 9Mn+D0QfwAuBAqhJiXYcMW8MEv7nPgV7vIZFXwynX06gajRMn8NvkrhpphhKcqzWyYYmBk9KGK8=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 16:04:37 GMT
server: AmazonS3
x-timer: S1703181353.889468,VS0,VE0
etag: "7b15b476bc1cfe30bf86b5acc9107f28"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/meredith-network/ 59 KB
17 KB 76ms
75ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/meredith-network/newsroom.js
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae2e26dd5055b20d2b55e5efec136e5da433dc3a75df7d266467bb93c998f33f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:52 GMT
x-amz-request-id: C5SDFFWQ24ZBSZWM
age: 30
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17441
x-amz-id-2: d3ZOxBdVbaailoku1HPBaVmdTh05fZsrDRQ2cCah5/r+pDyTq9GJfPdYfxvOIQYA1ldZrDO3WQQ=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 09 Nov 2023 18:44:30 GMT
server: AmazonS3
x-timer: S1703181353.931012,VS0,VE1
etag: "6ee91e323bdb62abeae2a2117f8f9649"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 47DAA-RMGFC-4U4YY-9C4XF-UTQN5 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 143ms
45ms Script
application/javascript 2a02:26f0:480:980::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Wed, 13 Dec 2023 01:35:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 wvir.jpg
www.29news.com/pf/resources/images/mastheads/backgrounds/ 51 KB
52 KB 78ms
77ms Image
image/avif 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.29news.com/pf/resources/images/mastheads/backgrounds/wvir.jpg?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c038356f5dd062dc662f8b140c3fe86b5f1726ccc4c83edfc2022c02f6adc356

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=86400
x-check-cacheable: YES
x-arc-request-id: 0.8c7d1302.1703181352.5c00ba1e
server-timing: cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="1703181352854_34831756_1543551518_2698_10840_44_0_146";dur=1
content-length: 52730
last-modified: Tue, 19 Dec 2023 16:48:50 GMT
server: Akamai Image Manager
x-serial: 1877
etag: W/"dc617ededc1a6f4d944c275e2275789e"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31359239
expires: Wed, 18 Dec 2024 16:49:51 GMT

GET
H2 200 wvir.svg
www.29news.com/pf/resources/images/mastheads/logos/ 7 KB
3 KB 67ms
66ms Image
image/svg+xml 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.29news.com/pf/resources/images/mastheads/logos/wvir.svg?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

66d7b2344b1aef077bbf6359f32faa055b4cba8d9f2d873a6b9cc04330f01749

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD50-C2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.8c7d1302.1703181352.5c00ba24
server-timing: cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1703181352856_34831756_1543551524_2466_1302_44_0_146";dur=1
content-length: 2884
last-modified: Tue, 19 Dec 2023 16:44:01 GMT
server: openresty
etag: W/"8946c09575006a782d182025491807b7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: xm49KSvlrfBjrByV13kvhXZMXExljhGODypDLLSY-B6ILgJ6S-Hy-Q==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 privacyOptionsIcon.svg
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 2 KB
1 KB 86ms
85ms Image
image/svg+xml 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/privacyOptionsIcon.svg?d=377

Requested by

Host: gray-wvir-prod.cdn.arcpublishing.com
URL: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=377

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: MIA3-P6
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4bf01002.1703181352.2b6ef3dc
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181352857_34664523_728691676_48_4942_40_0_146";dur=1
content-length: 781
last-modified: Tue, 19 Dec 2023 16:43:59 GMT
server: openresty
etag: W/"8051dee1dd72e78a9528a16c062cff66"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: aviy6BYODSAYnvujg98aKtTTr_WIdoh5DkqKO5UirYAl5SFZTxt2mQ==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 86ms
86ms Image
image/svg+xml 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=377

Requested by

Host: gray-wvir-prod.cdn.arcpublishing.com
URL: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=377

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=377
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:52 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: ATL58-P6
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4bf01002.1703181352.2b6ef3dd
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1703181352857_34664523_728691677_256_4880_40_0_146";dur=1
content-length: 5010
last-modified: Tue, 19 Dec 2023 16:43:59 GMT
server: openresty
etag: W/"4228f26a863969873e28bcee1a6a4ded"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: DQv_g0grJ_yVydXTst0vUiWJHK6UcEexwpLhpF-BRulU9r3ZzDI4Zw==
expires: Fri, 20 Dec 2024 17:55:52 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
154 KB 128ms
86ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1785022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3M6ZQ9361u7RsUccOEd%2BE2UYU9%2BdfVw1fh3p6d8axco8cuj%2FF0pASfRRGxGPCnNH3fKIvcTdGgzLI9KdO6EYKpnOWvZViI0WHpQ5k%2FSuH22Vkp0%2BWKkPKEdOHH6EoCNAvPCQkgphige%2FPY8MdGRLMGI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8391ff9faa3a9007-FRA
expires: Tue, 10 Dec 2024 17:55:52 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 25 KB
26 KB 88ms
47ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1776406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25452
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-636c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PUVAFQLaztFviySyp1fq2ePnP15bRmrVYFPRRMBowOPswQZbxLodrj5G9A0N6I0qkyaqWSjBsuzbgm%2F6EPVSa8KSBR36I1cH%2FpYouKIw5xOI8p0Ktb3Z%2Fagx1MPZlA%2F%2FBH%2F5%2BZDqvkhQ7mPxXIGj96Z"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8391ff9faa3c9007-FRA
expires: Tue, 10 Dec 2024 17:55:52 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 210 B
525 B 325ms
178ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nbc29.com&domain=29news.com&path=%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 189643b703e8b9eee685cdfebdb48515e9c4acad591e486d4d643c4031e24568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 171
x-served-by: cache-sof1510030-SOF
x-timer: S1703181353.087492,VS0,VE121
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 19 Dec 2023 17:55:53 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 360ms
118ms Image
image/gif 3.210.129.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nbc29.com&p=29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&u=DR9BiYCnRXGkCqsy8i&d=29news.com&g=39189&g0=%2Fnews%2Fcharlottsville-albemarle%2C%2Fnews&g1=Maggie%20Glass&g4=story&n=1&f=00001&c=0&x=0&m=0&y=3450&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&b=6688&t=DNjkKKmQDXjBCmTkjB78pOGDbCeAg&V=143&i=Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns&tz=-60&sn=1&sv=BVNNlTBY2abTCOwvj_DihdQVn6jVM&sr=external&sd=1&im=06072ffa&_
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.129.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-129-105.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 46ms
46ms Image
image/png 2606:4700:20::681a:d56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 15:55:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4148
etag: "4c9d5a55c95da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpvnvVCo26Ww8ygeWzt%2F2KGR8YwjymKC7I53tUt4rx37dEcyRI%2BdZb%2Bqa11uriWNgS6%2BzhYueAWlXuyP%2BDusCzI%2FEAvx%2FJPIS44h4NGPwlA4A6uqA3%2FAP3T5vXPSF8bc3PqhzFVaath%2BYG3r2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8391ff9ff80e91fc-FRA
content-length: 816

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 210ms
123ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9388846167132174c6dc900a3f0353b4c3c16e95f6cd715de708b2a879eab7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29106
x-xss-protection: 0
server: cafe
etag: 569 / 19712 / 31080056 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:55:53 GMT

GET
H2 200 3793 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
808 B 137ms
40ms Script
application/javascript 13.227.219.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3793
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-102.ams54.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:05:02 GMT
via: 1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS54-C1
age: 3051
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: vhPU_Yx2P-ttmzWSp_XEJCTZyjxddhoX8empjHHKUtgA15hR5e18Rw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 49ms
49ms XHR
text/plain 52.222.175.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3793&u=https%3A%2F%2Fwww.29news.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.175.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-175-65.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:02:12 GMT
via: 1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
age: 17620
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.29news.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: _lIhhIt9tN0WtR9rCpssj1a1NKTcmOEsD8zDDL373XZ3el13OX83nQ==

GET
H2 200 wx-current-conditions-v3 Show response
www.29news.com/pf/api/v3/content/fetch/ 331 B
804 B 89ms
89ms XHR
application/json 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.29news.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=wvir&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D

Requested by

Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=377

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

40ac0623afafeab3f145d8074502d9aef574eb35ec28fc719f14dd8e5087b788

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 120, 120
x-arc-pb-request-id: fc1e07c5-9dc8-457a-81e9-eb6532beabc8, fc1e07c5-9dc8-457a-81e9-eb6532beabc8
content-encoding: gzip
date: Thu, 21 Dec 2023 17:55:53 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MIA3-P6
strict-transport-security: max-age=86400
x-arc-request-id: 0.8c7d1302.1703181352.5c00bb86
server-timing: cdn-cache; desc=HIT, edge; dur=48, origin; dur=0, ak_p; desc="1703181352993_34831756_1543551878_4767_2037_38_0_219";dur=1
content-length: 188
last-modified: Thu, 21 Dec 2023 17:52:52 GMT
server: openresty
etag: W/"14b-CDqRheFNFKMoCYV5X8TccD2KTdI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=0
x-amz-cf-id: oefVql2AZd2c90q-25zQyB1Jr7mZq7AAcCrRjQXfB_Y_nLcILa2Blw==
expires: Thu, 21 Dec 2023 17:55:53 GMT

GET
H2 200 gray.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/org/ 303 KB
80 KB 45ms
45ms Script
application/javascript 2600:9000:2646:fc00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:fc00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58eb11807a0760c15d36291ca18203c79142810a3fc40062f249d36493b96617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:50:57 GMT
content-encoding: gzip
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 19:12:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 297
x-amz-server-side-encryption: AES256
etag: W/"b25d4f4403a55e54cdec2123acc39c0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: vcmKGWm5sRW_qPpBpSciYghwwolEmwPOPlmJ6urb8wUgsxX0FALT6w==

GET
H2 200 load.js Show response
pm-widget.taboola.com/meredith-network/ 3 KB
1 KB 86ms
64ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/meredith-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bd3579eeaf1e873085949886f97191f13be80d67d7766a8ac927875d4814347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: FbNJI6yPQAn16Zf16RGpchpqyTa9VzjE
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:53 GMT
x-amz-request-id: 764C0HVZZHVBHSNJ
age: 2448
x-cache: HIT
content-length: 1174
x-amz-id-2: +2YopecSHYnN3p9IcE54RI+BCkp6/1aDDa/5tse3Ulv6Wl1Vaa9RylJPfWKOAhu2fmIXKHr9TX4=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Tue, 26 Sep 2023 09:38:22 GMT
server: AmazonS3
x-timer: S1703181353.055867,VS0,VE0
etag: "0daf4de83298a10d37f22ed08823308a"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 impl.20231221-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 828 KB
172 KB 39ms
39ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: vNZAYZ60TOWTB9Ads6U8C7BOy9GG6RmI
content-encoding: br
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:53 GMT
x-amz-request-id: EMM5BFNFYB362KWK
age: 27329
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 175420
x-amz-id-2: Lgh07kTpye51zUfVgfA4CTj97giG8dvQjk3HF+3W3TSOsM/zSPVJ+D9gov0c8kl+eeMMGB5lqVo=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:13:58 GMT
server: AmazonS3-br
x-timer: S1703181353.034112,VS0,VE0
etag: "2e5fc0835e8fbe3a1c0438d18f279d96"
vary: Accept-Encoding
content-type: application/javascript
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5129

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 196ms
57ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8379154
x-cache: HIT, HIT
content-length: 29875
x-served-by: cache-lga21967-LGA, cache-sof1510039-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703181353.182076,VS0,VE0
etag: W/"28feccc0-14e55"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 14, 166456

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 132ms
38ms Image
image/gif 2600:9000:20ab:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=bhjriv_728x90_
Requested by: Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 c3919dfed58c39e6da91faec1344110c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 865570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: gH0_lz5rgFr8lQIh1E9uPIoOL420_CT45EcdRA2k_PBEVM9YEqD-xQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
73 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19b4567c452b6930d4bfed55a27a48f3239fb3528d662495755b4d62aa595496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74676
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Dec 2023 17:55:53 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 3 KB
1 KB 170ms
76ms XHR
application/json 2a02:26f0:480:18d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=47DAA-RMGFC-4U4YY-9C4XF-UTQN5&d=www.29news.com&t=5677271&v=1.720.0&sl=0&si=3990e8b1-d61e-4e5a-b42d-4d6e40c543c1-s6134y&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677334
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:18d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0c5187cc6a477a36cab6a784399fecbbb697fb6a6bc0e3d0a6fa9ff1da679954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 17:55:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 885

GET
H2 200 34.svg
www.29news.com/pf/resources/images/weather/weather-condition-icons/svgs/ 7 KB
3 KB 46ms
46ms Image
image/svg+xml 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.29news.com/pf/resources/images/weather/weather-condition-icons/svgs/34.svg?d=377

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD50-C2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.8c7d1302.1703181353.5c00bc7f
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1703181353088_34831756_1543552127_498_1639_38_0_146";dur=1
content-length: 2461
last-modified: Tue, 19 Dec 2023 16:44:01 GMT
server: openresty
etag: W/"1d595a6d45fb37eb0edbcc239e9c5510"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: M49HZFHchsH-SNnPf-kpSYw632vpaMfHREFApMvlNdF-pnTX0pWroQ==
expires: Fri, 20 Dec 2024 17:55:53 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/ 11 KB
2 KB 128ms
43ms XHR
application/json 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/floors.json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bcbe444cd040c8743cb06bfc39a94f8969129572d045cf8dd9e959355d383974

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 14:35:46 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=10425
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1343
expires: Thu, 21 Dec 2023 20:49:38 GMT

GET
H2 200 findByUuid Show response
gray-config-prod.api.arc-cdn.net/video/v1/ansvideos/ 52 KB
4 KB 780ms
641ms XHR
application/json 2a02:26f0:3500:1b::1724:a389
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.arc-cdn.net/video/v1/ansvideos/findByUuid?uuid=cdc8bff3-9cf2-4bc0-8d5a-810f4f274e22

Requested by

Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a389 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ec1cdd7ca3cc1a2b1ad4e76d425691cb0e7e4fc64cdc540772a17ba07f319fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; preload
x-cache-status: EXPIRED
x-org-rate-limit: 1200
content-length: 3780
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.29news.com
access-control-allow-methods: GET,HEAD
cache-control: max-age=300
access-control-allow-credentials: false
x-org-rate-limit-interval: 5 minutes
origin-type: Content
x-org-rate-limit-remaining: 1199
expires: Thu, 21 Dec 2023 18:00:53 GMT

GET
H2 200 MIN-516310.js Show response
apv-launcher.minute.ly/api/launcher/ 28 KB
12 KB 205ms
41ms Script
text/javascript 199.232.211.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://apv-launcher.minute.ly/api/launcher/MIN-516310.js

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.211.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.25.1 /

Resource Hash

66f807b4adc100789cbaea28bdd4b71ca60a1999d35d6d675a56f588c97b7e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 14 Dec 2023 14:10:15 GMT
date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 618337
x-cache: HIT, HIT
content-length: 10830
x-xss-protection: 1; mode=block
x-request-id: 41ef9bf2-7746-4bc4-8718-bfd4b2c3e9be
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-etou8220030-FRA
x-runtime: 0.421016
referrer-policy: strict-origin-when-cross-origin
x-debug-req-method: GET
server: nginx/1.25.1
x-timer: S1703181353.371300,VS0,VE1
etag: W/"66f807b4adc100789cbaea28bdd4b71c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-debug-app-get: GET
x-debug-server-name: apv-launcher.minute.ly
access-control-allow-credentials: true
cache-control: max-age=30
accept-ranges: bytes
access-control-allow-headers: APP-GET,Content-Type
x-cache-hits: 44, 1

GET
H2 200 card-interference-detector.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 41ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad1bdac24ea6e213f86e8b70336ef3ca5304faa3f217ee2793a61b0d5fa58cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: oaCuNI02Yt2wmuUk6eMw7rAL4K0TwPco
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:53 GMT
x-amz-request-id: N2S1FGQVA64X5XC6
age: 27128
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2179
x-amz-id-2: CbWT0XET8LIhl1PIyWbiPzZ6boHBl5xd0/OM6mZBml042a7h+5HnQvghUETiOCAaIajhzO/emW4=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:45 GMT
server: AmazonS3
x-timer: S1703181353.208525,VS0,VE0
etag: "1973f962093024a77689ba38207e7895"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 25875

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 138ms
45ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 308368
expires: 60

GET
H2 200 json Show response
trc.taboola.com/graytv-wvirnbc29/trc/3/ 93 KB
24 KB 923ms
914ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-wvirnbc29/trc/3/json?tim=18%3A55%3A53.191&lti=deflated&data=%7B%22id%22%3A781%2C%22ii%22%3A%22%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1703174655526%2C%22vi%22%3A1703181353190%2C%22cv%22%3A%2220231221-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F%22%2C%22vpi%22%3A%22%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2836%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A20%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22cd%22%3A1878.265625%2C%22mw%22%3A938%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2CBelow%20Article%20Thumbnails%20New%3Dalternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81256243b485bde43a971318444b81f847e21373692370e26c40178472614829

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 868
date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.8641666666666666
x-fastly-to-nlb-rtt: 7511
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220106-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1703181353.221196,VS0,VE868
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pmk-20220605.54.js Show response
pm-widget.taboola.com/meredith-network/ 102 KB
29 KB 120ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/meredith-network/pmk-20220605.54.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/meredith-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 825d6725809a6a6a8b92fa000731e603b6db437bf29f0a2660676a33a5b711a2

Request headers

Referer: https://www.29news.com/
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 8zGCBaDMZLX7xDSKv1wuk218wwGF15XF
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:53 GMT
x-amz-request-id: J6BTWEC2RFWD6R2A
age: 1357847
x-cache: HIT
content-length: 28802
x-amz-id-2: PhGyVXvdM4SPOuTopynsT3HZdqcNKs0QeDvLFaz4TqwjIgQCi1LsBfsuTmaFBInm7o647QupW44=
x-served-by: cache-fra-etou8220114-FRA
last-modified: Tue, 26 Sep 2023 09:38:21 GMT
server: AmazonS3
x-timer: S1703181353.312812,VS0,VE0
etag: "67288be720224eccff98d354d0098a2d"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05d5dca5168fa7a88e420d431eaab7e5c944faa649fef021ecb22907929c63e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Dec 2023 17:55:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
41ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 17:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2008
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Dec 2023 19:22:25 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 02:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56215
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 20 Dec 2024 02:18:58 GMT

OPTIONS
H3 200 441
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 182ms
140ms Preflight 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/441?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.29news.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.29news.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8391ffa21f5d0482-FRA
date: Thu, 21 Dec 2023 17:55:53 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 441 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1019 B 150ms
149ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/441?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88b32005c1ec31716d19e0f8dbb05cbc666fe3b81ff87747a907af71b41cce5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"77a-wx4UAVSk5aJCMn0jAk6gLluFmZ8"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.29news.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8391ffa2fca09018-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

POST
H2 200 6109273b0afe6fdbf97fc4975656a95872f4206170382fc7 Show response
operationchicken.com/0/3b7a75/ 303 B
811 B 164ms
63ms Fetch
application/json 2600:1901:0:636d::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/0/3b7a75/6109273b0afe6fdbf97fc4975656a95872f4206170382fc7

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

4977ca47f80de98d06de8c53b58460c30df07b20dab8dee5c4f9be0b21d3b88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 21 Dec 2023 17:55:53 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
x-hostname: fen-hoothoot-europe-west1-spot-6lrn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 21 Dec 2023 17:55:52 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 135ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQ23MJC9WT&gtm=45je3bt0v890211784z8813349527&_p=1703181352776&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=888579181.1703181353&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703181353&sct=1&seg=0&dl=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&dt=Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns&uid=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.date_published=12%2F08%2F2023&ep.published_day=08&ep.published_month=12&ep.published_year=2023&ep.content_type=story&ep.primary_section_name=Charlottesville%20and%20Albemarle&ep.content_owner=wvir&ep.content_provider=wvir&ep.content_id=MQZR5OXLYFACBITBRWZT2ZVJ2U&ep.ad_target=%2Fnews%2Fcharlottesville-albemarle&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=Maggie%20Glass&ep.user_timezone_timestamp=Thu%20Dec%2021%202023%2018%3A55%3A52%20GMT%2B0100%20(Central%20European%20Standard%20Time)&ep.timezone_offset=%2B01%3A00&ep.content_name=Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns&ep.content_keywords=&ep.distributor_name=Gray%20TV%20Stations&ep.distributor_category=staff&ep.distributor_subcategory=&ep.distributor_reference_id=&ep.distributor_model=custom&ep.output_type=default&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&tfd=7126
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 146ms
49ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQ23MJC9WT&cid=888579181.1703181353&gtm=45je3bt0v890211784z8813349527&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 154ms
65ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQ23MJC9WT&cid=888579181.1703181353&gtm=45je3bt0v890211784z8813349527&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=225953630

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 466ms
364ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&pid=4yTP8ifa8Q9Z6&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-gbS1yQwTS0JQRR9FByn-6aMqZgrKm5ct0tpZtUVnRG-ECviux9%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fnews%2Fcharlottesville-albemarle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: NJT1TEC2WVJGB8VZZYV8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Y7xyU_tYFe-BF09RNhDM5Ih_M5gXM7qY-DYGkSVBRJiWge8eXvU7xg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 247ms
147ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&pid=4yTP8ifa8Q9Z6&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-gDt3dZFDZ_cAQUMNprBalsER55U-Nijl7d6fDDjyuiPcb1NMHJ%22%2C%22s%22%3A%5B%221024x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fnews%2Fcharlottesville-albemarle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: K8XKR2FAEG7Z830Z2B79
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nhX0Gefp1_mK5SKEGLSbVLd2IjTJz9H3ikRTBp4Y_oBeJoT7zAih9A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 247ms
149ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&pid=4yTP8ifa8Q9Z6&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-JdoWlCWV8Mb4tASJEPKjStymxHk8xI3Nly1Ms5gq8Wh9GNYiMc%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fnews%2Fcharlottesville-albemarle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: DPM6T6HJ163F9XKDSNXQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RkLuafOHssIsQDUwDacbuF2_jl8V24wdMlCdiyyD76d3HLaTDlRhcQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 243ms
147ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&pid=4yTP8ifa8Q9Z6&cb=3&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-A2lHwldE_RRxGRDhr2FwMgvQPGZP9CymlMvKvC3xqQaSantObp%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fnews%2Fcharlottesville-albemarle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: VJWX5CHFG6940K3NXJZZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: u2u2ECIqtpJC-JgeEUZeCgH6asUZuAwHMFTpLKja_bNT8tACXt6JUA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 238ms
146ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&pid=4yTP8ifa8Q9Z6&cb=4&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-W2p9oFeGNVdRZgvf1S9MhsERiL45OkGxAHIRHK_sL1_lk0xNcC%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fnews%2Fcharlottesville-albemarle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 0KAW0RB86SZTA882YPDS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SlHxLzUg-zNoL-vcsl3N8xOzdJRTXSWyBZwZn9MzfVqA-c2QU_Lnzg==

GET
H2 200 mi-scraper-1.17.0.32.js Show response
snippet.minute.ly/publishers/gray_group/ 89 KB
28 KB 160ms
61ms Script
application/javascript 2606:4700:20::681a:bda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb

Request headers

Referer: https://www.29news.com/
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2D1XN7SFMDJMPJS
age: 2599344
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-id-2: rWLsRYGEaH2TWDNAQ/v6SUziAk57Z+qqp06+TqiVFyaP8wC0MG1UH4LN/YW01YQRZ0qx4b3jnEc=
x-served-by: cache-iad-kcgs7200020-IAD, cache-fra-eddf8230038-FRA
last-modified: Wed, 10 May 2023 08:47:33 GMT
server: cloudflare
x-timer: S1703181354.537442,VS0,VE0
etag: W/"60cdfd1f3dea6013e68c22afa83110bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dG7E%2FfHisUjXGRFtvF%2FDdE75bexjr5k37rLLV%2B4R4aWiwebFy6g%2BgENnnERBzyT%2BlSKSYbmD18Z6fvPnv9DGwGgr79Tg1epNoZlxSuLF%2F6TwTgasWt6s%2FpYt45%2FAIglsFH5q1nQ861T01tuR1gU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8391ffa38a8c3610-FRA
access-control-allow-headers: content-type
x-cache-hits: 39, 2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 47ms
46ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=246630035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&ul=en-us&de=UTF-8&dt=Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=514940809&gjid=480504345&cid=888579181.1703181353&tid=UA-82494642-170&_gid=1559038338.1703181353&_r=1&_slc=1&gtm=45He3bt0n8158WCCRNv813349527&cg1=%2Fnews%2Fcharlottesville-albemarle&cg2=story&cg3=wvir&cg4=MQZR5OXLYFACBITBRWZT2ZVJ2U&cd1=12%2F08%2F2023&cd2=08&cd3=12&cd4=2023&cd5=story&cd6=1&cd7=Charlottesville%20and%20Albemarle&cd8=wvir&cd9=wvir&cd10=MQZR5OXLYFACBITBRWZT2ZVJ2U&cd11=%2Fnews%2Fcharlottesville-albemarle&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=Maggie%20Glass&cd14=A%20group%20of%20women%20in%20Crozet%20have%20been%20gathering%20for%20years%20to%20knit%20caps%20for%20newborns%20at%20Sentara%20Martha%20Jefferson%20Hospital.&cd16=Thu%20Dec%2021%202023%2018%3A55%3A52%20GMT%2B0100%20(Central%20European%20Standard%20Time)&cd17=%2B01%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd19=Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns&cd35=Gray%20TV%20Stations&cd36=staff&cd39=custom&cd40=default&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=463809826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82494642-170&cid=888579181.1703181353&jid=514940809&gjid=480504345&_gid=1559038338.1703181353&_u=YCDACEAABAAAACAAI~&z=782457177

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Dec 2023 17:55:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 272614f6ab12b3da371c92d37e1006f0911fb717ea5 Show response
operationchicken.com/533e3faba03/ 3 B
66 B 58ms
57ms Fetch
application/json 2600:1901:0:636d::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/533e3faba03/272614f6ab12b3da371c92d37e1006f0911fb717ea5

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 21 Dec 2023 17:55:53 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
x-hostname: fen-hoothoot-europe-west1-spot-6lrn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 21 Dec 2023 17:55:52 GMT

OPTIONS
H3 200 787
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 155ms
155ms Preflight 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/787?story_url=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&visitor=9su8yswl15tfqmwc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.29news.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.29news.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8391ffa40abf0482-FRA
date: Thu, 21 Dec 2023 17:55:53 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 787 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
525 B 209ms
208ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/787?story_url=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&visitor=9su8yswl15tfqmwc

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b52d62e49ea4153c0b7204ddf829d6cdab0c33d2ba75acfa5ffdb45f9d4462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"41-ctjGMBFs7qD/6QhKB/i4qa2n3sI"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.29news.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8391ffa50d77bb61-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 59ms
58ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vz.1.108.14-67f1d066&p=787

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1027
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"2e2f-18c8c555208"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8391ffa40c3ebb61-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 20 Dec 2024 17:55:53 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 56ms
56ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vz.1.108.14-67f1d066&p=787

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1027
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"f2a-18c8c555208"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8391ffa40c42bb61-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 20 Dec 2024 17:55:53 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 59ms
59ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vz.1.108.14-67f1d066&p=787

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 1026
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 13:36:20 GMT
server: cloudflare
etag: W/"8abb-18c447e5b94"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8391ffa40c45bb61-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 20 Dec 2024 17:55:53 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 157ms
157ms Script
application/javascript 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vz.1.108.14-67f1d066&p=787

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: MISS
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"19c7-18c8c55520c"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 8391ffa40c48bb61-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 20 Dec 2024 17:55:53 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
38 B 255ms
150ms Ping
image/gif 2606:4700:10::6816:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.29news.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8391ffa4bdce65dd-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 21 Dec 2023 17:55:53 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
246 B 253ms
149ms Ping
image/gif 2606:4700:10::6816:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.29news.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8391ffa4bdcd65dd-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 21 Dec 2023 17:55:53 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 48ms
48ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 49ms
49ms XHR
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81117537-17&cid=888579181.1703181353&jid=1479412905&gjid=2090309483&_gid=1559038338.1703181353&_u=ACCAgEABCAAAAGAAI~&z=2005317798

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Dec 2023 17:55:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 205ms
91ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=331
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
699 B 133ms
41ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

5212b58cee8799630e2c7aaa58a31368ca5cdbff722dcbff81b60e519dda138f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
an-x-request-uuid: 2f98834f-154b-40bb-bda8-c897ef087c19
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
315 B 158ms
87ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1a6a9428cd4b61a2e2f87ad0006b31bde0742bab5fb0eef41da0d41c43d022

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0A%2FQY16U%2FG9ZC5oQDMOv52a9gS1JKgu7HqVagsFp5VB%2FUyNPpwX2iQGxrnEVj4u9Vn4xflNRT0QlQhzKl6gXAah5EVGMjtJsyYYOiFIQW%2BicMOmYS8%2BYC%2BjegyF6xtrkhzDvKm%2FY"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8391ffa4dfb84516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
698 B 186ms
99ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

964331b5d63effd3d07e07a8b95d9952fa639ec107239ad121234b47abd97692

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
an-x-request-uuid: 5de111e3-2a66-404b-b3b7-e6912399e9d4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
539 B 153ms
86ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69dd23781bc7bf1732f356b9885cdf722991af8ae7fdc450522529e5d60cc5c1

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hmr0rwpekahMFmLa56uaSJls5wb0qinEp0dDcJim2EN9bgZAJ2iO3GHimJ566WTQgfpUsFB9ds8Sh153lfmUdgQnjJvXKPDKP8qu9XlEeHQGKB5L6hDfAry3zfFJxb1f9zBv4EZq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8391ffa4dfbc4516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 152ms
49ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=613
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
316 B 158ms
95ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b407b0f6d56031e885d9f606abecaf2453e3a9ef427676c89c0f0cd995b16fe

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLhZvVFjTqdbHO5JjZQyTWVEXwt2m8f7DB1EhuMuLGxStAINY4M%2Fyx%2BrQdTsT8M17ex%2FMwmWhTINlTK5YIIpg1AlM1l4coAf%2BwNHckf7nTScM6Die%2FWbA15jixA9p2MB8j8gLGxo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8391ffa4dfbf4516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
699 B 124ms
42ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c63c9ec62861ab2e86c12aa717e568126cf51054db9549b0f25d572fc51ae58c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
an-x-request-uuid: 0fecebec-b6f8-4eb8-83ba-51a6ef4ffa4f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
699 B 121ms
43ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

3aa4ca6695d8ae0c001c53cc99ff1e93eb5efc8fa8948e6a2577299cdd96f428

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
an-x-request-uuid: 640f6427-9a7d-4b26-bce4-e162ae56cc56
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 147ms
49ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=420
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
312 B 293ms
235ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc321b856433aed192a3c40bcdf0c2177c5bf2a9a9d40e23d464d2da34f23d49

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDnFHpeIzxzIlyRYKy5wgVlB17EdTLWEiwvYiSl51%2FvZzM8%2BCHs7KcD7PG%2B8Wv%2BHXTcECYqKST35xBLhhs34sPJd4mqJakPgXGAI7DGvZdyi2gd8kg8VPFHNXrfLLuKqobo0fxLO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8391ffa4dfc14516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 /
684dd312.akstat.io/ 0
202 B 129ms
128ms Ping
image/gif 2a02:26f0:480:980::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd312.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:480:980::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
content-type: image/gif
access-control-allow-origin: https://www.29news.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 21 Dec 2023 17:55:53 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 402ms
402ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d7b5b06e434d95e42be981ab996ef57a262441131afa1239937b5e00afb65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10574
x-xss-protection: 0
google-lineitem-id: 6417366469
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455052152
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 178ms
91ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbbb9e9c147208dceafb824ca1bb07efeab0122fb9561e3320ec773eaa655fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12201
x-xss-protection: 0

GET
H2 200 container.html Show response
ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9226 6 KB
3 KB 165ms
49ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Fri, 20 Dec 2024 17:55:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6816 52 KB
17 KB 139ms
40ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 44656
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Dec 2023 17:55:53 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 339, 300289
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220049-FRA
X-Timer: S1703181354.967992,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 150B 16 KB
6 KB 42ms
42ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=138318
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Sat, 23 Dec 2023 08:21:11 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FCA2 52 KB
17 KB 139ms
41ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 44656
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Dec 2023 17:55:53 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 339, 316998
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220106-FRA
X-Timer: S1703181354.970050,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 00AA 3 KB
1 KB 115ms
46ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8391ffa6195f4510-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Thu, 21 Dec 2023 21:55:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6B83 3 KB
2 KB 109ms
42ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8391ffa619624510-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Thu, 21 Dec 2023 21:55:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 89E5 52 KB
17 KB 134ms
41ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 44655
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Dec 2023 17:55:53 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 339, 297242
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220036-FRA
X-Timer: S1703181354.967898,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame CE22 3 KB
1 KB 110ms
44ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8391ffa6195d4510-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Thu, 21 Dec 2023 21:55:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 33A9 16 KB
6 KB 43ms
43ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=138318
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Sat, 23 Dec 2023 08:21:11 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 18EC 52 KB
17 KB 130ms
39ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 44656
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Dec 2023 17:55:53 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 339, 312876
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220054-FRA
X-Timer: S1703181354.967619,VS0,VE0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 644 B
332 B 659ms
659ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

614ed92717f9297ec76775d163a45d9df0db0282485144f5cc4efa1df9511a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
308 B 72ms
72ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a49c241474f6fcf10a482b6a13e69b4312f9e452f64e908b6ff3c794fb81d09

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx1yKdPAeRjhXA65tnKyt6kNjTEdTFFBq7XCmL1piz7gDwxilV%2FNQMe8K%2BavEqFtA0cifgnSGnh3OXjpvfANZ63Zw7P6v1u2RdebpfeLCL7fg0XgMHmodQkD5KhFPqvv5kBG1sCX"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8391ffa5c9d04516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 48ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=100
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
699 B 39ms
39ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

da956cd20c0ce066a1989a1dba2de8d8d789c4396bf4bc450e24ee00a9760779

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
an-x-request-uuid: 19e891ad-7b15-4d92-a583-b923004c4d86
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 894ms
894ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcbedbe279a0cec2c07f1ef374dc08d00c76d30cd2a9138f1a5b9ca7331f0ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10408
x-xss-protection: 0
google-lineitem-id: 6417366469
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138454948647
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 150B 0
42 B 151ms
41ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36045848&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-length: 0

GET
H2 200 flight-time Show response
gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/ 122 B
487 B 520ms
329ms XHR
application/json 2.17.22.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/flight-time?_id=cdc8bff3-9cf2-4bc0-8d5a-810f4f274e22

Requested by

Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.22.25 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-22-25.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

4d58903f2b2fcbd3dc9adbe40c77cd0d3926f9d1b96394ad957ece8edffd7a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

arc-organization: gray
date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
arc-service: api
strict-transport-security: max-age=31536000 ; preload
x-powered-by: Express
arc-context: index
arc-deployment: gray
arc-org-env: gray
arc-route: /content
arc-servername: api.gray.arcpublishing.com
arc-org-name: gray
content-length: 103
etag: W/"7a-ddL8XBPTO8yZOpvdqGyzW9uq4q8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
arc-environment: index
cache-control: max-age=30
arc-application: Content
expires: Thu, 21 Dec 2023 17:56:24 GMT

POST
H2 204 beacon
powa-ingest-prod-us-east-1.video-player.arcpublishing.com/ 0
144 B 397ms
145ms Ping
text/plain 3.229.112.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powa-ingest-prod-us-east-1.video-player.arcpublishing.com/beacon
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.112.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-112-134.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 17:55:54 GMT
access-control-allow-credentials: false
server: awselb/2.0
access-control-allow-headers: *
access-control-allow-methods: *

GET
H2 200 hls.min.js Show response
gray.video-player.arcpublishing.com/vendor/hls.js/0.14.17/ 235 KB
71 KB 160ms
54ms Script
application/javascript 18.66.218.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gray.video-player.arcpublishing.com/vendor/hls.js/0.14.17/hls.min.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.218.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-218-55.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:06 GMT
content-encoding: gzip
via: 1.1 e31789b52c3bffe83f120731f2480f30.cloudfront.net (CloudFront)
last-modified: Wed, 01 Sep 2021 19:07:50 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P2
age: 62
etag: W/"a24f5fb37dd7ea415852c047b89dbe86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: nhVGH2N5YC2yCP-mDA6ppW7OmX-4VzLVNxUoMZplYaIHYP4xCjhGoA==

GET
H2 200 https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-08-2023%2Ft_6d6bf20cc84a4dcf9abbaec02e57ed00_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 119 KB
120 KB 565ms
564ms Image
image/avif 2a02:26f0:480:c::210:f18b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-08-2023%2Ft_6d6bf20cc84a4dcf9abbaec02e57ed00_name_file_1280x720_2000_v3_1_.jpg?auth=b8b38557c6695e9aa5d2168e1181ede1e0b75bf52624297b3e540752906a4f93&width=1920&height=1080&smart=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

01ecae2ce741dd849e86f1dac3d1c5003cc24a2d42be8773f6d99d5d45575c70

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Thu, 21 Dec 2023 17:55:54 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 12 Dec 2023 04:18:50 GMT
server: Akamai Image Manager
etag: "079f829e17a4d3d620fbe2249a54b1ba"
x-arc-request-id: 0.4bf01002.1703181353.2b6ef8c0
content-type: image/avif
cache-control: private, no-transform, max-age=30709345
server-timing: cdn-cache; desc=HIT, edge; dur=517, origin; dur=0, ak_p; desc="1703181353961_34664523_728692928_51567_7922_44_0_146";dur=1
content-length: 121703
expires: Wed, 11 Dec 2024 04:18:19 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 1287ms
1286ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae9d5299a359368ab3b399a1dd962f499cca47dded0d578e4b1deb938420387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10393
x-xss-protection: 0
google-lineitem-id: 6417366469
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138454948653
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

results.txt Show response
kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pmf2elvmh
https://kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

182ms
41ms

XHR
text/plain

95.101.54.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.54.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-145.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 17:55:54 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Thu, 21 Dec 2023 17:55:54 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pmf2elvmh
https://fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

429ms
39ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 17:55:54 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Thu, 21 Dec 2023 17:55:54 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 638 B
328 B 1567ms
1566ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca0797979b9b0f0f5229c97d01e91d6a8231997db2ef82f39c066cad10e29b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 297
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame B587
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

90ms
90ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cce80146bbbeb6ed455eb29987cd7c45cc2efe447313aa75f8305c647b41916

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8391ffa6ec334528-TXL
content-encoding: br
content-type: text/html
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rmqRaMu856grIcAPgE3IJj%2FuQJKg4oYfh7PwJH8eEHacmohvsB5K4fnM%2BUERZ52pM%2FAwMGtZn0K%2BGpDfX1xkvWxvyxXe7OyvqpVKIXW1Pfmd9mdJKiiLEY9AGrTak8vhLdNXV9jupJc1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8391ffa66b284516-TXL
content-length: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYDPx2%2FDn%2FfXvUUogNt6VjYoBLCqNJxx40OX9qqKm7RT0sl0QgeOCnjM8Tb6VVrYkWUAjpU1Xb%2BrSfRY%2FpquUz3bcqqJPGz1pCBgbpKszt5ztWFFvWLA1HeuOeoi%2BMQ%2BDLydvXhU3IuAAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 4890
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

79ms
79ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3ad61682ad500c26802c97e1b7367dfb0b71a2e0534299b3bd1f21732e1d66

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8391ffa6ec3c4528-TXL
content-encoding: br
content-type: text/html
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mBbH%2F38qhF4Iki7APLRDwu%2FP9cfonL9v1WxTRyjeUhqihV8ozLu8ynzHZZKq4PAI2QT1FwI5Bghhz0aTnLTX7PLP9QxeHckRIp8B1BJoBaAdqRuGninxliZaF2dyU5LCTyIjYMqMQVxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8391ffa66b254516-TXL
content-length: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMTEYMU1cdyQoOZMDLDb0X%2Bs9SNrGgHmnkkZUjZfuTzfUWVx7%2F2xID1RDtorEW3WKItiboRkowdVBZa5RT%2BV8uORK60ToRxCnni0UXE0aZy5k618xP54mCAtWTHNjO%2FQ5crQpp6%2BcLkJXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 90D9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

69ms
69ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbf325c52133238de40978355c8336b6259d555ea6d1866bdf8cf9b923eb384

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8391ffa6fc534528-TXL
content-encoding: br
content-type: text/html
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWNWlAL4%2FLypCTwTqkqzY8f6QY6eu%2FVxBPQDOOep6%2FBZe7PaLs6BxofOw%2FMeixCMU0oNqKA52DqcilOx52AHS7b3ticoGedVfHE8WON8fYoNpdqmVuMRkIdMG3JFtBRGBdQa7UjemsOfMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8391ffa66b354516-TXL
content-length: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urIhV7zUp1HA6LvrQMBV8NHaC9laFh9DLqQlOryMsNLFPFqziMttGzwCD6lXKktk%2FBrknRwWtUaZpZ9m1cmon4S02tl%2BV%2Bvy3UJIGlrcdwXf8EZOx4QxYmBNepa%2BVkI5dUavUSqIXUnztQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 18EC
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
644 B

38ms
38ms

Script
text/html

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: b2c2565f-652b-468c-8c2a-98d85a2bc17d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: 13289095-7fd0-47ce-92ee-5680b0fd84f4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 6816
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
645 B

45ms
45ms

Script
text/html

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: c8f50005-5bf1-4057-aaf5-6aa3d08b68dc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: eeda61f4-b7a5-4795-ac1b-999a994d0205
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 89E5
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
644 B

75ms
75ms

Script
text/html

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: 76e7f20f-31f9-4989-834d-9124eedb188c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: 0a534a7f-2906-46c7-9c16-3e889ad75b48
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame FCA2
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
643 B

39ms
38ms

Script
text/html

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: 3741ca75-deba-41ae-a821-e5de8aa7f772
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
an-x-request-uuid: 7c5243d8-1366-4959-86ca-4b3bd03dd2e1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 141ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 17:55:54 GMT

GET
H2 200 video-reel.js Show response
cdn.taboola.com/ui-ab-tests/video-reel/ 37 KB
11 KB 40ms
40ms Script
application/x-javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ab55d2712e56ad10ea10c4e34827267d960db15108f99a38280795499563314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 4N0oOp_yfOU7skFWYLcz7rvq86XPRF8r
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: 8H34YYX13X0B9BRN
age: 19507
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 11043
x-amz-id-2: ViYuMKAf+qItGKCnw6f5TYbeTH6m0Bk0t/gOe/SZswTu5PqwDY1VuNVG1YQIYa2tQK2bZrGTbSk=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 12:30:46 GMT
server: AmazonS3
x-timer: S1703181354.142565,VS0,VE0
etag: "abad2913cf6851e8f827c2c58ac2dadb"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5803

GET
H2 200 video-reel.css
cdn.taboola.com/ui-ab-tests/video-reel/ 12 KB
3 KB 39ms
39ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4898194e21038f32b77d621e873217a3e2d330231b652b55821aaaa9b5dfa9a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 1YS8ZgiKBrBCkiOqNLJ2v97RCP6l3PGt
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: XCPK9T8EMKFWANZ8
age: 19509
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2567
x-amz-id-2: e2WXhTDBryGAdOkNXp0UPbilIxqtyiTM1BMPWV3YHGnSYUQHd0IdkM67PE4vipganA+mrcTKHAw=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 12:30:45 GMT
server: AmazonS3
x-timer: S1703181354.142389,VS0,VE0
etag: "669227a2548ba02df533c13e7108a184"
vary: Accept-Encoding
content-type: text/css
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5634

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 1 MB
86 KB 45ms
44ms Fetch
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a15bc87b6a312852f56b3a067ddd636fd4cec4c41005be8dd7a8f68883e084e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: SU62hfZwNbK8RY1GhxO3LWqt.ZHIJFSz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: JJ7XZZX1A2Z61F4S
age: 6584
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 26
x-amz-replication-status: FAILED
content-length: 87366
x-amz-id-2: 0X9c3YuCl/iZOSjvRSUWxHp/TsO5TAsWyHsx4BQMxnyddB2VuJU37T35ZELV3g8UCFFB3WSbkJw=
x-served-by: cache-fra-etou8220114-FRA
last-modified: Thu, 21 Dec 2023 16:06:10 UTC
server: nginx
x-timer: S1703181354.144645,VS0,VE5
etag: "ce0c6fcb97d322a7b125572d3330d2cda78b9e88"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 19
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 UnitInstreamDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.6.6/ 121 KB
34 KB 84ms
84ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitInstreamDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8178adf65407e2bbf4c98e4ff8eab4057f4c65044816377231c5a86d824ff561

Request headers

Referer: https://www.29news.com/
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 171407
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34235
x-served-by: cache-fra-etou8220114-FRA
last-modified: Tue, 19 Dec 2023 18:17:25 GMT
server: AmazonS3
x-timer: S1703181354.153627,VS0,VE0
etag: "ff066f56eefba82dd76c8f300a874293"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: CvaIcQOxPLjdPfqCBZbJCHP2-Umvx81XMMtO01xwVUEY_WYBcujBYA==
x-cache-hits: 11034

GET
H2 200 userx.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 42ms
42ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: accaceb4846ad583d1dc334d4bf843ce576b0f12359988cd0f7d316aa37813d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: LY9m_DPl3hqmiTkKZ7Yl5wxEwPoOYcKt
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: QXCFQRZME942NPXA
age: 27163
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: ouw/MD6h/wHP2Lvfl5txZoY6bCY7+VQODetOAHIfvoMyUcPJFLYdVWMXJKARUgkPAuq0KyHRw90=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:10 GMT
server: AmazonS3
x-timer: S1703181354.153456,VS0,VE0
etag: "a6fe858fc0dabcbac4812bb9cb89967f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 17593

GET
H2 200 distance-from-article.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 42ms
42ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cb8130702088124b2c83acf10845c278984c8bd84ca17e22bebd4ebd5aa72e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: cNfVBsw4naCfT5P5ZBQV8d6yjRPwhv8H
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: 6MRM3NDHT7JA531Z
age: 27132
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1131
x-amz-id-2: abVJH1SUJ2upQkRKWpMvxovtdbng7Giso/yA5UlTlwlMIJgM+3ZO6ZXh+pL/9Y8isojzQw4Z4GA=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:42 GMT
server: AmazonS3
x-timer: S1703181354.153521,VS0,VE0
etag: "5990ef30ccaa49a3b85c59d106da0c9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 65482

GET
H2 200 article-detection.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 41ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49da2800a745ccd79fa0495be32c6221c15e109d91e0544caafb129913fe325e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: UifYiWIBfCC_cImLst.usY6v1iUgGOx9
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: H5F5BWTPJ7C6GGN4
age: 27126
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: Hp5hQNMtMMmWqUbvXtLVaKDw+2pMYSaKfkez+2GRgZpf2Od5EyOwH8qS9gxyXCY3Fs5yTEUwRYE=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:49 GMT
server: AmazonS3
x-timer: S1703181354.154040,VS0,VE0
etag: "ccb51cd2aa71dd52aeeac37916f047ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 65420

GET
H2 200 feed-card-placeholder.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 43ms
43ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa47780143a54c056a03fed58a8b7eb0e99c340b9b6b6a3409f360912e6a06d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: o.KrgfcNjEm.UTrQNpKAzc7RRXTeLcDm
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: APFNN0QW20NYEGAS
age: 27137
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: B+cuoNkUK84MrWO28lj8esCis/3jwKj5JgNYhqXkld3FCzoe4Kaujx4htG5sxudyMIuGJ/VljWs=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:37 GMT
server: AmazonS3
x-timer: S1703181354.155534,VS0,VE0
etag: "c13d8d5ed324fc15f4a726be2c418fef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 64477

GET
H2 200 explore-more.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 39ms
39ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f0e0e0a345c71362655aec8ec60b105bc69e4e846351623ba7fa7b60884c4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: S3os2HvU6GL0d0FaCY1Az2hfHZCg3aYj
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: AKKK8YXXXWTY7J24
age: 27136
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7706
x-amz-id-2: QaJnWy3mWbc2YpwQzbqpik76fj6he1ZUuwHom9AipcbSlCP2+DgcmhKMyfzEo/rHpM7N7ngCYiE=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:39 GMT
server: AmazonS3
x-timer: S1703181354.163635,VS0,VE0
etag: "6ca83b93502a9f0fc425dc557cbb8cbf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 24203

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 160ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/supply-feature?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A54.143&id=2227&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 40ms
39ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: Y1PG8J215N22T8P1
age: 93
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1703181354.180042,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 45
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 130

GET
H2 204 social
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 148ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/social?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns%22%2C%22sec%22%3A%22Charlottesville%22%2C%22aut%22%3A%5B%22Maggie%20Glass%22%5D%2C%22img%22%3A%22https%3A%2F%2Fgray-wvir-prod.cdn.arcpublishing.com%2Fresizer%2Fv2%2FTBFYFCGUANC27AID2Z4AUFCW64.jpg%3Fauth%3D3db8b733b6a6a495b2c004ca343d21392f9dd30bf70ee0f86f83342eec74498b%26width%3D1200%26height%3D600%26smart%3Dtrue%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A55%3A54.170&id=532&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 90D9
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYR8Kr5NX2qgqrzxiEBP0wAA%263344&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYR8Kr5NX2qgqrzxiEBP0wAA%263344&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=134768e379bf4e9daf40c51ad6999e93
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

143ms
43ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 230383
expires: Thu, 21 Dec 2023 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 90D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLoIla8SAj2qjP7BxLzOM4&google_cver=1

43 B
736 B

66ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLoIla8SAj2qjP7BxLzOM4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ed5cDy8w95GsrqClUW5tSx%2FRNH9iJuC5yhdG96KVCD8TMEq62X%2BVtRFwrxRvpymkxhxb0gf99MtCAwXPZQgux6LTSZdcFlNVUSAFw3TtYfck%2BuiZgaIGNaxqCinSw%2FV0IGC%2Bf8tOtolbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa8e96c4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKLoIla8SAj2qjP7BxLzOM4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 90D9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

146ms
146ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D5YPE4ZMRDXD249EGAXY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P270D915QE25P17WFYKE
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8Kr5NX2qgqrzxiEBP0wAADRAAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 90D9 70 B
148 B 226ms
107ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 90D9
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ok8_RqMZNRO5TmJDoU0qQ6UeY0G5TTdBoUNkQyLh

43 B
734 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ok8_RqMZNRO5TmJDoU0qQ6UeY0G5TTdBoUNkQyLh
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qBTo9MKa%2BW1%2BdNMVJr6bRGgeg%2F4Zot619ynSflTSTNXgTIepJKtdyeIK0aBqeJU02cmp9fTmJi64iWd9DPcwe51r3C0mGJehBCycHrw5TvQ%2FbBYyahrjLaWy9BBGUr013Php%2Bll9NtYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa8b8f54528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ok8_RqMZNRO5TmJDoU0qQ6UeY0G5TTdBoUNkQyLh
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 90D9 42 B
181 B 193ms
57ms Image
image/gif 2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 90D9 43 B
433 B 227ms
54ms Image
image/gif 52.213.118.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.118.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-118-96.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 90D9 0
35 B 372ms
116ms Image
text/plain 3.228.157.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.157.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-157-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 90D9 43 B
103 B 47ms
38ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYR8Kr5NX2qgqrzxiEBP0wAA%263344
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 36780
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8391ffa7ecf44510-TXL
content-length: 43
expires: Fri, 22 Dec 2023 17:55:54 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4890
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KljYpv8I0Fjs3kY54gAAFGQAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KljYpv8I0Fjs3kY54gAAFGQAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

147ms
147ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KljYpv8I0Fjs3kY54gAAFGQAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KP7303B5DQCEV45N2947
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9CBATMRTRE205Q06TFFD
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KljYpv8I0Fjs3kY54gAAFGQAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4890
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYR8KvLE93RWeOdPB94-jAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBQiYjTyWMiB9I2apkIrb9s&google_cver=1

43 B
732 B

82ms
82ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBQiYjTyWMiB9I2apkIrb9s&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Ba9p8k3kI9O7DjuUGCLeLZ17fFzehiU%2BTegJ5zqfrbA%2BY51Mb8GgpwoAiztn8eFOazRJp6aU5Zi47aK1f5odXLoX8Og0pM89lDttn8ezdlQnkCYGk5%2F0RjmarxqLWfrnHBa7sIguoVbqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa8d93d4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBQiYjTyWMiB9I2apkIrb9s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4890 70 B
149 B 175ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 4890
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYR8KljYpv8I0Fjs3kY54gAA%265220&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYR8KljYpv8I0Fjs3kY54gAA%265220&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f3d79340fcd249078282624d21a9b03d
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

124ms
43ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 233475
expires: Thu, 21 Dec 2023 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 4890 0
0 149ms
56ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4890
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4343C735FF0B4F99A3C8A6C064786F76

43 B
736 B

68ms
68ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4343C735FF0B4F99A3C8A6C064786F76
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scojcg9d62sxIl3pHNH4xXUbnIEd%2Fce%2B3R%2BpNZ2lmFYMZhNNT1baIOoqKqtTvSO4DytUy08fyHxyy%2BwBPzrceFDd8VxFcscN5%2Bfy31BS5yNhShqG6tc6uJhL%2FAP070S6UIUz2VEMRcdgpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa93a224528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 21 Dec 2023 17:55:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4343C735FF0B4F99A3C8A6C064786F76
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 20 Dec 2023 17:55:54 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4890
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718992554&external_user_id=104596d3-8dc0-472a-91b8-00a470c80a12

43 B
736 B

64ms
64ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718992554&external_user_id=104596d3-8dc0-472a-91b8-00a470c80a12
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tox1MqbyGVurDbqQDfQ7JJ%2FS%2BCHQBwZrYwr69b3ZdXjyC2bJ6Xvh%2Ftj05qKuy2xkMtuHvci0Koajwjm2QZrof6FPcOxH8NhR%2FYI5r3mMIzbLa9pQmDOzOyxaAQzJyJXGrId41ZR2opKRzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa96a884528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718992554&external_user_id=104596d3-8dc0-472a-91b8-00a470c80a12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4890
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3feef54b7f9a43148cb1c6c92f8862ac&expiration=1705773354

43 B
732 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3feef54b7f9a43148cb1c6c92f8862ac&expiration=1705773354
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c86t%2BikyV7z9S0j1yeTsZbwQzEaozsTHW9Ip6Ys4xipS5JRiavBQQ7jA03dahhvmgXwXmH2BSX%2Bcif751JFdF6Z7E%2FlYNMsli6Nwiy2K01KddVvom28l%2FKsNO3P8SACSQIl5LMx9QWdgOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa8c90c4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3feef54b7f9a43148cb1c6c92f8862ac&expiration=1705773354
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 4890 43 B
103 B 52ms
45ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYR8KljYpv8I0Fjs3kY54gAA%265220
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 36780
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8391ffa7ecf14510-TXL
content-length: 43
expires: Fri, 22 Dec 2023 17:55:54 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B587
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KvLE93RWeOdPB94_jAAAFIQAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KvLE93RWeOdPB94_jAAAFIQAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

146ms
146ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KvLE93RWeOdPB94_jAAAFIQAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SQ6T9E4CZ5PNM0AWK90R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KTKDEB1GG6Z2AVCYF53P
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYR8KvLE93RWeOdPB94_jAAAFIQAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B587
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYR8KvLE93RWeOdPB94-jAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJRhdqUmbcva6n05Rp9iDo&google_cver=1

43 B
738 B

67ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJRhdqUmbcva6n05Rp9iDo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hZoQfyd2cAlppWGkXKW%2FbI0SX%2FqMd6DV%2BwrbH2RuuHlLGBtiRfM79vbZNnx%2BOcY7VWjGeGthDM1sW%2F3sJjM06uDIpBjvbl4BjLAljmVHhQ724VkDZ6u%2BMHE8zojGpJXMrabuFXDpxbjhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa898ad4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJRhdqUmbcva6n05Rp9iDo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame B587
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYR8KvLE93RWeOdPB94-jAAA%265252&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYR8KvLE93RWeOdPB94-jAAA%265252&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=16d000b84b704e02a9d64ec13b833102
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

98ms
42ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 194686
expires: Thu, 21 Dec 2023 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Thu, 21 Dec 2023 17:55:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B587 70 B
148 B 222ms
106ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame B587 42 B
180 B 192ms
58ms Image
image/gif 2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B587
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588528177236041

43 B
734 B

62ms
62ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588528177236041
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdZOqmuQ4zhhrztzjnHXTQ%2FwzvEihq%2FmCzICpxSV2PD1oq3MO5f0Wi8GBeKRr2SdF2EOBAn7aloPIWZZUEVIg9JVTtRZBzXyN5LVbu7t7l63gxEJe2G03lEuFMSBgUWcyEWr%2FT09MldiuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa96a834528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588528177236041
Date: Thu, 21 Dec 2023 17:55:54 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B587
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=c6d43337-dd44-4d87-8a9a-b31b50213a6a

43 B
735 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=c6d43337-dd44-4d87-8a9a-b31b50213a6a
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIR7f5NbTBqu2%2FDk6YkmpU3n%2B54DgPj4guLzsofYDeCvRhOKfULt8QxIK%2Fcxhk3NXqkiM4Iv3px1t5fAEWUSj2T4j20k3XHyTOkj7QsIkeyYHo1z82MHqu6sFVIEPPYcUXeFY%2BOjL27IGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8391ffa8c90f4528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=c6d43337-dd44-4d87-8a9a-b31b50213a6a
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 ix
ad4m.at/ad/sim/ Frame B587 0
0 151ms
60ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B587 43 B
252 B 44ms
38ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYR8KvLE93RWeOdPB94-jAAA%265252
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 36780
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8391ffa7ecee4510-TXL
content-length: 43
expires: Fri, 22 Dec 2023 17:55:54 GMT

GET
H2 200 json Show response
trc.taboola.com/graytv-wvirnbc29/trc/3/ 36 KB
11 KB 717ms
717ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-wvirnbc29/trc/3/json?tim=18%3A55%3A54.180&route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&data=%7B%22id%22%3A246%2C%22ii%22%3A%22%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA%22%2C%22ui%22%3A%22bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9%22%2C%22uifp%22%3A%22bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9%22%2C%22lbt%22%3A1703174655526%2C%22vi%22%3A1703181353190%2C%22cv%22%3A%2220231221-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F%22%2C%22vpi%22%3A%22%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8532%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A20%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22cd%22%3A1878.265625%2C%22mw%22%3A938%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10741297%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2CBelow%20Article%20Thumbnails%20New%3Dalternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b124870224b6762e63a7d41a56096bb8effd0702454202495b0cfd4316f61ec0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 677
date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.6941666666666667
x-fastly-to-nlb-rtt: 7442
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220106-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1703181354.200984,VS0,VE677
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
231 B 132ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1703181354182%7D&tim=18%3A55%3A54.183&id=8516&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 344d5f0b02e9248fd77a36c9f812305e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
30 KB 47ms
46ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/344d5f0b02e9248fd77a36c9f812305e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c07c1b7f2e0595a192bb20488e1f4a36c857f0873a5c97d35748094983120bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/344d5f0b02e9248fd77a36c9f812305e.png
age: 2512446
edge-cache-tag: 382100085129334323480471648874047741208,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 382100085129334323480471648874047741208,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 204
expiration: expiry-date="Mon, 11 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.karlsruhe-insider.de/
content-length: 29540
x-backend-name: CH_nlb802
x-served-by: cache-iad-kcgs7200042-IAD, cache-iad-kjyo7100055-IAD, cache-lga21928-LGA, cache-iad-kjyo7100147-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 10 Nov 2023 10:53:30 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=43044,owidth=1920,oheight=1080,obytes=857196
x-timer: S1703181354.216461,VS0,VE1
etag: "4d71cf58e86a683e0e232375605d794d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 8dc642e4fdc19dc489755b540458522f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 42ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dc642e4fdc19dc489755b540458522f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 29c12d112c9911cae43d9c3d40e837d43ef4a09963528569cc4417d18468024c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dc642e4fdc19dc489755b540458522f.png
age: 1914317
edge-cache-tag: 369996066292496383841731239166173740786,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369996066292496383841731239166173740786,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 176
req-referer: https://d-6679336872407839715.ampproject.net/
content-length: 21416
x-request-id: d82e4b8144fe142fbf51ffdc9d5d2af7
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000065-IAD, cache-iad-kcgs7200048-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 02 Oct 2023 15:37:13 GMT
server: nginx
surrogate-reporting: width=1024,height=568,bytes=70306,owidth=1024,oheight=694,obytes=959589
x-timer: S1703181354.216488,VS0,VE0
etag: "f7420d24a835e2a76c1b8fa5f3e39b96"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 280

GET
H2 200 bj21rfhd2qtet50an2qg.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/ 9 KB
10 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/bj21rfhd2qtet50an2qg.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 038d9bccfdcea26ebf22b124813ce82aef6606c082f8cb7e487ad76a209788a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/bj21rfhd2qtet50an2qg.jpg
age: 3235773
edge-cache-tag: 501428187328839556198077495770540098588,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501428187328839556198077495770540098588,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 57
req-referer: https://www.sport1.de/news/fussball/bundesliga/2023/10/fc-bayern-jetzt-kritisiert-hoeness-auch-tuchel-trainer-habe-unkluge-ausserungen-getatigt
content-length: 9306
x-request-id: 885b7e2afc6c1bc70296363ae0d5d806
x-backend-name: LA_nlb204
x-served-by: cache-iad-kjyo7100157-IAD, cache-iad-kjyo7100157-IAD, cache-sna10739-LGB, cache-iad-kiad7000029-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 12 Oct 2023 06:00:48 GMT
server: nginx
surrogate-reporting: width=800,height=444,bytes=25457,owidth=800,oheight=450,obytes=24305
x-timer: S1703181354.215884,VS0,VE0
etag: "65b1833cc115a698f05ddd36f46c1b05"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 93

GET
H2 200 434fc2aec9c0fc1e01dbd020427d0bd2.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 52 KB
53 KB 42ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age: 6053558
edge-cache-tag: 557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
cache-tag: 557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 283
expiration: expiry-date="Wed, 04 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.radioguetersloh.de/
content-length: 53186
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100123-IAD, cache-iad-kiad7000130-IAD, cache-iad-kjyo7100125-IAD, cache-fra-etou8220106-FRA
last-modified: Sun, 03 Sep 2023 14:48:55 GMT
server: nginx
surrogate-reporting: width=2048,height=1152,owidth=2048,oheight=3072,obytes=423405
x-timer: S1703181354.217035,VS0,VE0
etag: "eb9ab7a7acee76059b3d4e6f6dd7935c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 813

GET
H2 200 f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 16 KB
16 KB 42ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba470797eae0d255a4ff5dc4fc8c1fdf3e9258d69b63ec88e11d516668b2f3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
age: 4481950
edge-cache-tag: 409691005524497662989470082405191960683,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 409691005524497662989470082405191960683,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 826
req-referer: https://ads.taboola.com/
content-length: 16160
x-request-id: 4c02b10fdc35de114e60af1c7ddc4a75
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100032-IAD, cache-sna10723-LGB, cache-iad-kiad7000037-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 11 Sep 2023 15:47:48 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=2128,oheight=1200,obytes=256593
x-timer: S1703181354.217036,VS0,VE0
etag: "9ed6a1738a8161d0eeb175d489a51f47"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 33, 1169

GET
H2 200 30227af119f3302a99e83f9a54407352.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 67 KB
67 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/30227af119f3302a99e83f9a54407352.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c00924738e54e5638d69595bd2d5b0322f6b0b246762dae6bccae7f0b2b62074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/30227af119f3302a99e83f9a54407352.jpg
age: 6136395
edge-cache-tag: 414577993168889349294354691808071675363,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
cache-tag: 414577993168889349294354691808071675363,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 540
req-referer: https://ads.taboola.com/
content-length: 68368
x-request-id: d90ba50f6f7a678ab4b7cc2f8138dee9
x-backend-name: US_nlb102
x-served-by: cache-iad-kcgs7200158-IAD, cache-iad-kiad7000157-IAD, cache-ewr18181-EWR, cache-iad-kcgs7200118-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 02 Oct 2023 06:40:46 GMT
server: nginx
surrogate-reporting: width=999,height=562,bytes=102452,owidth=1000,oheight=600,obytes=144610
x-timer: S1703181354.244801,VS0,VE0
etag: "339877df7560e01db1ae91f8be977a88"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1672

GET
H2 200 aad9a5b75fefc09c48b62063e9dec3b6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 42ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aad9a5b75fefc09c48b62063e9dec3b6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c314a5902c8a2837b5dc12afb0cbf5533d145f71f0146e26c87cdd180c57e997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aad9a5b75fefc09c48b62063e9dec3b6.png
age: 4410416
edge-cache-tag: 556733189077441664192164388634062597999,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 556733189077441664192164388634062597999,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 454
req-referer: https://polskiobserwator.de/
content-length: 13296
x-request-id: cf41cca360f86519a7ddb516e4769d5e
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kiad7000035-IAD, cache-iad-kiad7000081-IAD, cache-fra-etou8220106-FRA
last-modified: Sun, 17 Sep 2023 23:26:36 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=20614,owidth=1600,oheight=900,obytes=886767
x-timer: S1703181354.259344,VS0,VE0
etag: "2c24781e031e097dab07f4fb2de8d786"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 42, 3

GET
H2 200 3cd946682bb54ffc192c330f6cd78c67.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 42ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5298433734f4cf36853c7eae0161b734a6191b7a557ad26849d598c970616deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
age: 1056415
edge-cache-tag: 365613285388987769532952377643884752202,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 365613285388987769532952377643884752202,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 385
req-referer: https://morebeauty.eu/
content-length: 11698
x-request-id: 95fadbd4cf356834b24c34448fae5a78
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kjyo7100144-IAD, cache-lga21963-LGA, cache-iad-kcgs7200078-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 09 Dec 2023 11:30:11 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=19259,owidth=1000,oheight=600,obytes=355661
x-timer: S1703181354.260216,VS0,VE0
etag: "b719b8a254973e59a2634624e1cfbf2b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

GET
H2 200 e574d0774c48691f3af0ae2061af35d3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
24 KB 47ms
47ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8561de28162e46c4f8c8fed9e5462f833c6e6eeef9fc25e002a6cfe13251114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
age: 4266938
edge-cache-tag: 578705306751097711567236155726779671145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578705306751097711567236155726779671145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 4854
req-referer: https://forums.digitalspy.com/
content-length: 24194
x-request-id: aa12728d7747b5a59f4cd65dbe449a42
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kiad7000117-IAD, cache-lax10680-LGB, cache-iad-kiad7000092-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 11 Sep 2023 15:35:15 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=42510,owidth=1232,oheight=772,obytes=1940678
x-timer: S1703181354.267007,VS0,VE1
etag: "b98dd3207fe9d132102e2c99a8f4b3c2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 1

GET
H2 200 cbc0fea7473f02a36361d31728df69fa.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_649%2Cx_0%2Cy_96/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 63 KB
64 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_649%2Cx_0%2Cy_96/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc0fea7473f02a36361d31728df69fa.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a083ba905e5339d8691a6620b8569d11d306bf961c5c78f938633913920086f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_649%2Cx_0%2Cy_96/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc0fea7473f02a36361d31728df69fa.jpg
age: 1925340
edge-cache-tag: 618266765815550996917113283031209869448,462131430010027076990691104394380344696,29ecf9b93bbf306179626feeda1fab70
cache-tag: 618266765815550996917113283031209869448,462131430010027076990691104394380344696,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 524
req-referer: https://ads.taboola.com/
content-length: 64448
x-request-id: aac11a0cda09628597ba13071fc92aef
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100041-IAD, cache-iad-kiad7000119-IAD, cache-lax-kwhp1940026-LAX, cache-iad-kiad7000175-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 18 Nov 2023 09:27:18 GMT
server: nginx
surrogate-reporting: width=649,height=365,bytes=128975,owidth=650,oheight=488,obytes=181258
x-timer: S1703181354.267075,VS0,VE0
etag: "7319b190d449ed9954dbdd724f7adf87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 529

GET
H2 200 2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 78 KB
79 KB 713ms
713ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 528e02f0c22bbc258ca12ab35563b74650d81dfc604e5ce3a030cc03c0c29109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 674
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 173535
edge-cache-tag: 391809127323206082653190106803800704935,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 391809127323206082653190106803800704935,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, MISS, MISS
x-envoy-upstream-service-time: 417
req-referer: https://www.29news.com/
content-length: 79684
x-request-id: b0fc17b78857442b307405183b5d9013
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100166-IAD, cache-iad-kjyo7100085-IAD, cache-bur-kbur8200130-BUR, cache-iad-kcgs7200125-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 28 Nov 2023 01:33:24 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=113087,owidth=1200,oheight=600,obytes=111904,ef=(1,13,17,23,30)
x-timer: S1703181354.267727,VS0,VE674
etag: "f4c15c4dd331cbb7edb9a7272a8c6068"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 0, 0

GET
H2 200 T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 72 KB
73 KB 183ms
183ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0e389ee38bf3300bf233b2b74311fd4ff5f05dafab64221a1efcd91d08d8c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 115
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1733256
edge-cache-tag: 426342681135456173516109621408559109224,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426342681135456173516109621408559109224,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1116
req-referer: https://www.nbc29.com/
content-length: 73770
x-request-id: 1ff7c7d5d160b618900dac51f59af2fc
x-backend-name: CH_nlb804
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kjyo7100092-IAD, cache-lga21939-LGA, cache-iad-kjyo7100134-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 30 Nov 2023 04:21:18 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=96231,owidth=1200,oheight=600,obytes=98127
x-timer: S1703181354.291079,VS0,VE115
etag: "6565225f7f58b581dac673898d58d11b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 17, 0

GET
H2 200 https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-08-2023%252Ft_423611b6517043668f0876c3ca56effc_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3Db776aad25f13acec7fcc25a42598e90b93a4d43161d3fa9c063...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 40 KB
41 KB 168ms
168ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-08-2023%252Ft_423611b6517043668f0876c3ca56effc_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3Db776aad25f13acec7fcc25a42598e90b93a4d43161d3fa9c063aefddfff7c0e3%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 54dba0630e5668ff0b2b8b2f83694029950b9344842e5199e58a227f33ae25e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-08-2023%252Ft_423611b6517043668f0876c3ca56effc_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3Db776aad25f13acec7fcc25a42598e90b93a4d43161d3fa9c063aefddfff7c0e3%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 780887
edge-cache-tag: 347055703246328505086655332564753470532,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 347055703246328505086655332564753470532,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 916
req-referer: https://www.nbc29.com/
content-length: 40762
x-request-id: f5fe55c220808a1d09e3e499787c6725
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200103-IAD, cache-lax-kwhp1940070-LAX, cache-iad-kiad7000148-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 08 Dec 2023 23:15:27 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=85428,owidth=1200,oheight=600,obytes=71299,ef=(1,13,17,23,30)
x-timer: S1703181354.304261,VS0,VE90
etag: "4af9dc045b4cab35cfb6f8ab25f1f616"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 23, 0

GET
H2 200 HFWJKEG4CNDNXBUERVNXPMTAKA.jpg%3Fauth%3D0ff2df0e771c94c373aff21d2d206617fb152f5fd6c152cf777c84d598df85df%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 17 KB
18 KB 788ms
788ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/HFWJKEG4CNDNXBUERVNXPMTAKA.jpg%3Fauth%3D0ff2df0e771c94c373aff21d2d206617fb152f5fd6c152cf777c84d598df85df%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3584b55397071ae064f8f4e86691e47933538138e2d2b1966d8283cdf138257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 749
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/HFWJKEG4CNDNXBUERVNXPMTAKA.jpg%3Fauth%3D0ff2df0e771c94c373aff21d2d206617fb152f5fd6c152cf777c84d598df85df%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 0
edge-cache-tag: 494031333863794438189814787810626158030,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 494031333863794438189814787810626158030,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 639
req-referer: https://www.29news.com/
content-length: 17866
x-request-id: ed742025f1a648966fb39f3ad504ead5
x-backend-name: US_nlb102
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kiad7000028-IAD, cache-lga21924-LGA, cache-iad-kcgs7200113-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 14:15:33 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=57261,owidth=1200,oheight=600,obytes=44943,ef=(1,13,17,23,30)
x-timer: S1703181354.304390,VS0,VE749
etag: "8800bee63e2bc3bff5f28cca4bf4ef29"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 MECEH7WYLRFLJK7LJR46CTS6GY.jpg%3Fauth%3D1a1cd3640f3baabf0c778f517c6967b09f1a2f8cb979c34df5bbd87014a150d4%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 8 KB
8 KB 751ms
750ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MECEH7WYLRFLJK7LJR46CTS6GY.jpg%3Fauth%3D1a1cd3640f3baabf0c778f517c6967b09f1a2f8cb979c34df5bbd87014a150d4%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3c3fff679893fcfe09b9d05125eccda5fc6c254c8388299d30859ba9d86f7f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 712
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MECEH7WYLRFLJK7LJR46CTS6GY.jpg%3Fauth%3D1a1cd3640f3baabf0c778f517c6967b09f1a2f8cb979c34df5bbd87014a150d4%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 0
edge-cache-tag: 571399905527170232040614253269593089961,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag: 571399905527170232040614253269593089961,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 555
req-referer: https://www.29news.com/
content-length: 7824
x-request-id: a3971a596bb5c3cae96e2ac197a06fd3
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200146-IAD, cache-iad-kjyo7100107-IAD, cache-bur-kbur8200053-BUR, cache-iad-kcgs7200140-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 15 Dec 2023 20:51:52 GMT
server: nginx
surrogate-reporting: width=660,height=330,bytes=18956,owidth=1200,oheight=600,obytes=36699,ef=(1,13,17,23,30)
x-timer: S1703181354.312802,VS0,VE712
etag: "afa79e708d426051f77056f1bc3d6e50"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 2d4eae6b7b80c3aee2e45e818b14f1f8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 64 KB
65 KB 42ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d4eae6b7b80c3aee2e45e818b14f1f8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a91fed9ab29104934dd68b7678ff24d12db069abb8b88687988dc3148055bb9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d4eae6b7b80c3aee2e45e818b14f1f8.png
age: 2512559
edge-cache-tag: 586336398254790737646622767004227866347,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586336398254790737646622767004227866347,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 285
expiration: expiry-date="Mon, 11 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 65118
x-backend-name: CH_nlb803
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200143-IAD, cache-lga21982-LGA, cache-iad-kiad7000118-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 10 Nov 2023 10:41:26 GMT
server: nginx
surrogate-reporting: width=1920,height=1066,bytes=268433,owidth=1920,oheight=1080,obytes=955131
x-timer: S1703181354.316373,VS0,VE2
etag: "23a40faf67fd42a126d4c95b3b356340"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 8dc642e4fdc19dc489755b540458522f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 39 KB
40 KB 42ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dc642e4fdc19dc489755b540458522f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ca6dc560769be8ceae42b3f0326ffdb9e2e8d70ed7d77fc561602d0228f4654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dc642e4fdc19dc489755b540458522f.png
age: 1914316
edge-cache-tag: 369996066292496383841731239166173740786,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369996066292496383841731239166173740786,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 204
req-referer: https://www.karlsruhe-insider.de/
content-length: 40368
x-request-id: d82e4b8144fe142fbf51ffdc9d5d2af7
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000078-IAD, cache-lax10650-LGB, cache-iad-kiad7000022-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 02 Oct 2023 15:37:13 GMT
server: nginx
surrogate-reporting: width=1024,height=568,bytes=70306,owidth=1024,oheight=694,obytes=959589
x-timer: S1703181354.366242,VS0,VE0
etag: "f7420d24a835e2a76c1b8fa5f3e39b96"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 300, 69

GET
H2 200 https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-14-2023%252Ft_c783c630987f481ea5c36a5c0cb0b770_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D834b7ffc0fc6d96553395b1f24fa52ecb74d3359ac0957acaff...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 20 KB
21 KB 1022ms
1018ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-14-2023%252Ft_c783c630987f481ea5c36a5c0cb0b770_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D834b7ffc0fc6d96553395b1f24fa52ecb74d3359ac0957acaffa4aedeb83ff82%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ea2ec1868074d302065374e80d6aa958631aa33b8071c27cc60868c7b8b948ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 981
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-14-2023%252Ft_c783c630987f481ea5c36a5c0cb0b770_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D834b7ffc0fc6d96553395b1f24fa52ecb74d3359ac0957acaffa4aedeb83ff82%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 0
edge-cache-tag: 291911272283714737110032377056024868421,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291911272283714737110032377056024868421,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 771
req-referer: https://www.29news.com/
content-length: 20866
x-request-id: 471a4cb48db80fa4a156e171e956f38d
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000055-IAD, cache-iad-kiad7000061-IAD, cache-bur-kbur8200071-BUR, cache-iad-kcgs7200156-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 14 Dec 2023 14:02:57 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=47822,owidth=1200,oheight=600,obytes=75924,ef=(1,13,17,23,30)
x-timer: S1703181354.474734,VS0,VE981
etag: "c88aa481ad0dcc00a9bd1e4bd9185816"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 3CDPWUJGMTORE2GHCCMHYJ2QVQ.jpg%3Fauth%3Dd7db158f13f486201eebbc9da7a9e2f928c4060c68be915606a8dba545c6f4f9%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 10 KB
11 KB 133ms
132ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/3CDPWUJGMTORE2GHCCMHYJ2QVQ.jpg%3Fauth%3Dd7db158f13f486201eebbc9da7a9e2f928c4060c68be915606a8dba545c6f4f9%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92ed521949fc4f78131e3076ddae64bf311c6da4b844419d8a0f7c1ee3bc2b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/3CDPWUJGMTORE2GHCCMHYJ2QVQ.jpg%3Fauth%3Dd7db158f13f486201eebbc9da7a9e2f928c4060c68be915606a8dba545c6f4f9%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1844852
edge-cache-tag: 625488255382839481053340297660284486882,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 625488255382839481053340297660284486882,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 315
req-referer: https://www.nbc29.com/
content-length: 10310
x-request-id: cdde43e6657a7fd2160cba63a789d0c7
x-backend-name: US_nlb106
x-served-by: cache-iad-kcgs7200046-IAD, cache-iad-kcgs7200033-IAD, cache-ewr18127-EWR, cache-iad-kcgs7200045-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 30 Nov 2023 09:28:24 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=47410,owidth=1200,oheight=600,obytes=46526
x-timer: S1703181354.476015,VS0,VE92
etag: "84675cb0373a8eed71d551a952eb8b9a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 82, 0

GET
H2 200 SJMLY5XMLRCR3MGKBQIMWU4UDU.jpg%3Fauth%3D0f9ea6ac1496c1bf9118530d72bb949d8d6a4ef28be7ecfdd860a1743bf909ed%26width%3D1200%26height%3D600%26smart%3Dfalse%26focal%3D640%252C364
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 37 KB
38 KB 128ms
128ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/SJMLY5XMLRCR3MGKBQIMWU4UDU.jpg%3Fauth%3D0f9ea6ac1496c1bf9118530d72bb949d8d6a4ef28be7ecfdd860a1743bf909ed%26width%3D1200%26height%3D600%26smart%3Dfalse%26focal%3D640%252C364
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e82c4334163acb13a271f826d1b88fe14323dab878a8f56c8aa90f90ca5dc747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/SJMLY5XMLRCR3MGKBQIMWU4UDU.jpg%3Fauth%3D0f9ea6ac1496c1bf9118530d72bb949d8d6a4ef28be7ecfdd860a1743bf909ed%26width%3D1200%26height%3D600%26smart%3Dfalse%26focal%3D640%252C364
age: 852391
edge-cache-tag: 560888790681745037360780677502802492821,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 560888790681745037360780677502802492821,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 301
req-referer: https://www.nbc29.com/
content-length: 37552
x-request-id: 532abc28db4955695e7233541faef3df
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kiad7000061-IAD, cache-lax-kwhp1940041-LAX, cache-iad-kcgs7200105-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 11 Dec 2023 21:06:39 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=91301,owidth=1200,oheight=600,obytes=111903
x-timer: S1703181354.476002,VS0,VE90
etag: "6268ddf0d080c195a2c448d74b26d85f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 291, 0

GET
H2 200 WR7P4H7VCBDYTEFKVKU526Z4QM.jpg%3Fauth%3D7d3f6f94dc50c124b6c65a381d59288538a34403fa6e0ce0c8debcd0506a843c%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 34 KB
35 KB 132ms
132ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/WR7P4H7VCBDYTEFKVKU526Z4QM.jpg%3Fauth%3D7d3f6f94dc50c124b6c65a381d59288538a34403fa6e0ce0c8debcd0506a843c%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 296e75a15fa08321192357d4287228d75cddedfbb35b8511d8e5cd22463fb2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/WR7P4H7VCBDYTEFKVKU526Z4QM.jpg%3Fauth%3D7d3f6f94dc50c124b6c65a381d59288538a34403fa6e0ce0c8debcd0506a843c%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 455292
edge-cache-tag: 346766546215198672946951228610119780061,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 346766546215198672946951228610119780061,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 618
req-referer: https://www.29news.com/
content-length: 34484
x-request-id: 1af4b5fbeaca18fb0854c4c779269420
x-backend-name: LA_nlb204
x-served-by: cache-iad-kcgs7200160-IAD, cache-iad-kiad7000083-IAD, cache-lax-kwhp1940034-LAX, cache-iad-kcgs7200129-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 06 Dec 2023 13:46:41 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=53805,owidth=1200,oheight=600,obytes=73546,ef=(1,13,17,23,30)
x-timer: S1703181355.611559,VS0,VE90
etag: "4f4a6942e38927f7e4ec9f4d623605dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 12, 0

GET
H2 200 RBX22BYBGNEMRIPYTKX2JQTEFI.jpg%3Fauth%3D5a99c92435f9e5259fd3a88a7f3fe02a1774b4de95ce69d6fca6637b819a17c9%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 58 KB
58 KB 134ms
134ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/RBX22BYBGNEMRIPYTKX2JQTEFI.jpg%3Fauth%3D5a99c92435f9e5259fd3a88a7f3fe02a1774b4de95ce69d6fca6637b819a17c9%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 42c6604b85457b472ca4d4362b5786185c00a44363f0c34f6b8bed6a504c5ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/RBX22BYBGNEMRIPYTKX2JQTEFI.jpg%3Fauth%3D5a99c92435f9e5259fd3a88a7f3fe02a1774b4de95ce69d6fca6637b819a17c9%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 519562
edge-cache-tag: 565725536437863120573549320481122214126,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 565725536437863120573549320481122214126,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 685
req-referer: https://www.29news.com/
content-length: 58970
x-request-id: 28342f9d1b89b84d7c76c100b0e7b79e
x-backend-name: US_nlb106
x-served-by: cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100096-IAD, cache-lga21935-LGA, cache-iad-kjyo7100134-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 15 Dec 2023 17:19:33 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=76236,owidth=1200,oheight=600,obytes=108676,ef=(1,13,17,23,30)
x-timer: S1703181355.611532,VS0,VE90
etag: "62e50a51649c3e17d0a37e222c8271ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 20, 0

GET
H2 200 f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 60 KB
61 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad52d77adac2495edc9ed949213592b8ea71fa9ecc589832fd0e36270ea4d9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
age: 6871130
edge-cache-tag: 409691005524497662989470082405191960683,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 409691005524497662989470082405191960683,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 286
expiration: expiry-date="Thu, 12 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.morgenpost.de/
content-length: 61288
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200127-IAD, cache-iad-kcgs7200127-IAD, cache-lax10664-LGB, cache-iad-kcgs7200036-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 11 Sep 2023 16:00:12 GMT
server: nginx
surrogate-reporting: width=2128,height=1182,owidth=2128,oheight=1200,obytes=256593
x-timer: S1703181355.746633,VS0,VE0
etag: "8a92d94642692edb12b8391d4839e6d4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 16, 2

GET
H2 200 U34KYPG2GBOTNPWJY766MIZEJQ.jpg%3Fauth%3D2e18c213f296bf01e34365291d13d59d0bbe5085abf3a0bd62c95eb23031f968%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 16 KB
17 KB 129ms
129ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/U34KYPG2GBOTNPWJY766MIZEJQ.jpg%3Fauth%3D2e18c213f296bf01e34365291d13d59d0bbe5085abf3a0bd62c95eb23031f968%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c8d36727b33c7e53f5e856a10288542c2e232484bf9108649155a8d0c4050a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/U34KYPG2GBOTNPWJY766MIZEJQ.jpg%3Fauth%3D2e18c213f296bf01e34365291d13d59d0bbe5085abf3a0bd62c95eb23031f968%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1980844
edge-cache-tag: 369241215256970030373823964645949368539,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369241215256970030373823964645949368539,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 407
req-referer: https://www.nbc29.com/
content-length: 15972
x-request-id: bb4dcc70ac2e01124318c03c08055c68
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100113-IAD, cache-iad-kjyo7100139-IAD, cache-lga21936-LGA, cache-iad-kjyo7100090-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 28 Nov 2023 19:31:21 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=61899,owidth=1200,oheight=600,obytes=45628
x-timer: S1703181355.747622,VS0,VE89
etag: "3b41d331b15504420a8586594f9f10cc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 44, 0

GET
H2 200 https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-10-2023%252Ft_5731adf4d5a7418f9f7e78b36140ac59_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3De865d581ade02e8dec394643baff38fe98ef7281b54b3858474...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 16 KB
17 KB 130ms
129ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-10-2023%252Ft_5731adf4d5a7418f9f7e78b36140ac59_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3De865d581ade02e8dec394643baff38fe98ef7281b54b3858474ea71ac67ef45c%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9904e7968b2357f70ee7ebdd08d6a7f1816d70249b82c447b6f4710e0fb0f7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F12-10-2023%252Ft_5731adf4d5a7418f9f7e78b36140ac59_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3De865d581ade02e8dec394643baff38fe98ef7281b54b3858474ea71ac67ef45c%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 511759
edge-cache-tag: 578921274702581286442836748394472117319,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578921274702581286442836748394472117319,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 707
req-referer: https://www.29news.com/
content-length: 16074
x-request-id: 886949d9ac78dac5846375815cafd6fd
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kcgs7200048-IAD, cache-lax-kwhp1940097-LAX, cache-iad-kjyo7100037-IAD, cache-fra-etou8220106-FRA
last-modified: Sun, 10 Dec 2023 22:23:59 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=42893,owidth=1200,oheight=600,obytes=47497,ef=(1,13,17,23,30)
x-timer: S1703181355.790680,VS0,VE90
etag: "47e469135e8f1d689bf40b0bccdd9c40"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D72 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:23:56 GMT
expires: Fri, 20 Dec 2024 17:23:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A9D6 829 B
1 KB 138ms
51ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8572fefb683e35223c355e9d33dd17f55bf251507acb71bebabd7624de6911c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ivRxX2ruHHKaf8Bsb_wuxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ivRxX2ruHHKaf8Bsb_wuxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: Thu, 21 Dec 2023 17:55:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 47ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/supply-feature?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2216.1875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A54.236&id=8228&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 137ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 17:06:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Dec 2023 17:55:54 GMT

GET
H2 200 spa-detector.20231221-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 42ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231221-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2173471d2057bf7f6a4f1e832e72dca89b13655ac8fad8780c2c984160d6ec61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 8YaLphvefMeXx18mqXBSBUHYdVABE_yN
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: QYGFY5878K36PKC9
age: 27152
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: s4aFtv0txfGZLHVlUVDPnSw+Pg8nHlFLVGp64qevjXRwbTTXYPEMBCSnKNeX+3yeUPtRsQLQRgE=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 10:23:22 GMT
server: AmazonS3
x-timer: S1703181354.260776,VS0,VE0
etag: "cf6122dde452420bb4c5828858c83586"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 25457

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 46ms
46ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/supply-feature?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A54.237&id=9751&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 45ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1703181354238%7D&tim=18%3A55%3A54.238&id=8276&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 47ms
46ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/supply-feature?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A55%3A54.239&id=6852&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 46ms
46ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1703181354240%7D&tim=18%3A55%3A54.240&id=1870&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dc642e4fdc19dc489755b540458522f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 29c12d112c9911cae43d9c3d40e837d43ef4a09963528569cc4417d18468024c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dc642e4fdc19dc489755b540458522f.png
age: 1914318
edge-cache-tag: 369996066292496383841731239166173740786,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369996066292496383841731239166173740786,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 176
req-referer: https://d-6679336872407839715.ampproject.net/
content-length: 21416
x-request-id: d82e4b8144fe142fbf51ffdc9d5d2af7
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000065-IAD, cache-iad-kcgs7200048-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 02 Oct 2023 15:37:13 GMT
server: nginx
surrogate-reporting: width=1024,height=568,bytes=70306,owidth=1024,oheight=694,obytes=959589
x-timer: S1703181355.877211,VS0,VE0
etag: "f7420d24a835e2a76c1b8fa5f3e39b96"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 281

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/bj21rfhd2qtet50an2qg.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 038d9bccfdcea26ebf22b124813ce82aef6606c082f8cb7e487ad76a209788a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1697090435/bj21rfhd2qtet50an2qg.jpg
age: 3235774
edge-cache-tag: 501428187328839556198077495770540098588,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501428187328839556198077495770540098588,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 57
req-referer: https://www.sport1.de/news/fussball/bundesliga/2023/10/fc-bayern-jetzt-kritisiert-hoeness-auch-tuchel-trainer-habe-unkluge-ausserungen-getatigt
content-length: 9306
x-request-id: 885b7e2afc6c1bc70296363ae0d5d806
x-backend-name: LA_nlb204
x-served-by: cache-iad-kjyo7100157-IAD, cache-iad-kjyo7100157-IAD, cache-sna10739-LGB, cache-iad-kiad7000029-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 12 Oct 2023 06:00:48 GMT
server: nginx
surrogate-reporting: width=800,height=444,bytes=25457,owidth=800,oheight=450,obytes=24305
x-timer: S1703181355.918751,VS0,VE0
etag: "65b1833cc115a698f05ddd36f46c1b05"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 94

POST
H2 204 beacon
powa-ingest-prod-us-east-1.video-player.arcpublishing.com/ 0
143 B 142ms
142ms Ping
text/plain 3.229.112.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powa-ingest-prod-us-east-1.video-player.arcpublishing.com/beacon
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.112.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-112-134.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 17:55:54 GMT
access-control-allow-credentials: false
server: awselb/2.0
access-control-allow-headers: *
access-control-allow-methods: *

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/344d5f0b02e9248fd77a36c9f812305e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c07c1b7f2e0595a192bb20488e1f4a36c857f0873a5c97d35748094983120bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/344d5f0b02e9248fd77a36c9f812305e.png
age: 2512447
edge-cache-tag: 382100085129334323480471648874047741208,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 382100085129334323480471648874047741208,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 204
expiration: expiry-date="Mon, 11 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.karlsruhe-insider.de/
content-length: 29540
x-backend-name: CH_nlb802
x-served-by: cache-iad-kcgs7200042-IAD, cache-iad-kjyo7100055-IAD, cache-lga21928-LGA, cache-iad-kjyo7100147-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 10 Nov 2023 10:53:30 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=43044,owidth=1920,oheight=1080,obytes=857196
x-timer: S1703181355.920968,VS0,VE0
etag: "4d71cf58e86a683e0e232375605d794d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age: 6053559
edge-cache-tag: 557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
cache-tag: 557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 283
expiration: expiry-date="Wed, 04 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.radioguetersloh.de/
content-length: 53186
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100123-IAD, cache-iad-kiad7000130-IAD, cache-iad-kjyo7100125-IAD, cache-fra-etou8220106-FRA
last-modified: Sun, 03 Sep 2023 14:48:55 GMT
server: nginx
surrogate-reporting: width=2048,height=1152,owidth=2048,oheight=3072,obytes=423405
x-timer: S1703181355.958737,VS0,VE0
etag: "eb9ab7a7acee76059b3d4e6f6dd7935c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 814

GET
H2 200 f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 16 KB
17 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba470797eae0d255a4ff5dc4fc8c1fdf3e9258d69b63ec88e11d516668b2f3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
age: 4481951
edge-cache-tag: 409691005524497662989470082405191960683,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 409691005524497662989470082405191960683,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 826
req-referer: https://ads.taboola.com/
content-length: 16160
x-request-id: 4c02b10fdc35de114e60af1c7ddc4a75
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100032-IAD, cache-sna10723-LGB, cache-iad-kiad7000037-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 11 Sep 2023 15:47:48 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=2128,oheight=1200,obytes=256593
x-timer: S1703181355.963155,VS0,VE0
etag: "9ed6a1738a8161d0eeb175d489a51f47"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 33, 1170

GET
H2 200 container.html Show response
ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1991 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Fri, 20 Dec 2024 17:55:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 30227af119f3302a99e83f9a54407352.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 67 KB
68 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/30227af119f3302a99e83f9a54407352.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c00924738e54e5638d69595bd2d5b0322f6b0b246762dae6bccae7f0b2b62074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/30227af119f3302a99e83f9a54407352.jpg
age: 6136396
edge-cache-tag: 414577993168889349294354691808071675363,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
cache-tag: 414577993168889349294354691808071675363,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 540
req-referer: https://ads.taboola.com/
content-length: 68368
x-request-id: d90ba50f6f7a678ab4b7cc2f8138dee9
x-backend-name: US_nlb102
x-served-by: cache-iad-kcgs7200158-IAD, cache-iad-kiad7000157-IAD, cache-ewr18181-EWR, cache-iad-kcgs7200118-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 02 Oct 2023 06:40:46 GMT
server: nginx
surrogate-reporting: width=999,height=562,bytes=102452,owidth=1000,oheight=600,obytes=144610
x-timer: S1703181355.986351,VS0,VE0
etag: "339877df7560e01db1ae91f8be977a88"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1673

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aad9a5b75fefc09c48b62063e9dec3b6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c314a5902c8a2837b5dc12afb0cbf5533d145f71f0146e26c87cdd180c57e997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aad9a5b75fefc09c48b62063e9dec3b6.png
age: 4410417
edge-cache-tag: 556733189077441664192164388634062597999,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 556733189077441664192164388634062597999,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 454
req-referer: https://polskiobserwator.de/
content-length: 13296
x-request-id: cf41cca360f86519a7ddb516e4769d5e
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kiad7000035-IAD, cache-iad-kiad7000081-IAD, cache-fra-etou8220106-FRA
last-modified: Sun, 17 Sep 2023 23:26:36 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=20614,owidth=1600,oheight=900,obytes=886767
x-timer: S1703181355.001798,VS0,VE0
etag: "2c24781e031e097dab07f4fb2de8d786"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 42, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5298433734f4cf36853c7eae0161b734a6191b7a557ad26849d598c970616deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3cd946682bb54ffc192c330f6cd78c67.jpg
age: 1056415
edge-cache-tag: 365613285388987769532952377643884752202,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 365613285388987769532952377643884752202,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 385
req-referer: https://morebeauty.eu/
content-length: 11698
x-request-id: 95fadbd4cf356834b24c34448fae5a78
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kjyo7100144-IAD, cache-lga21963-LGA, cache-iad-kcgs7200078-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 09 Dec 2023 11:30:11 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=19259,owidth=1000,oheight=600,obytes=355661
x-timer: S1703181355.004127,VS0,VE0
etag: "b719b8a254973e59a2634624e1cfbf2b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_649%2Cx_0%2Cy_96/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc0fea7473f02a36361d31728df69fa.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a083ba905e5339d8691a6620b8569d11d306bf961c5c78f938633913920086f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_649%2Cx_0%2Cy_96/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbc0fea7473f02a36361d31728df69fa.jpg
age: 1925340
edge-cache-tag: 618266765815550996917113283031209869448,462131430010027076990691104394380344696,29ecf9b93bbf306179626feeda1fab70
cache-tag: 618266765815550996917113283031209869448,462131430010027076990691104394380344696,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 524
req-referer: https://ads.taboola.com/
content-length: 64448
x-request-id: aac11a0cda09628597ba13071fc92aef
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100041-IAD, cache-iad-kiad7000119-IAD, cache-lax-kwhp1940026-LAX, cache-iad-kiad7000175-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 18 Nov 2023 09:27:18 GMT
server: nginx
surrogate-reporting: width=649,height=365,bytes=128975,owidth=650,oheight=488,obytes=181258
x-timer: S1703181355.030142,VS0,VE0
etag: "7319b190d449ed9954dbdd724f7adf87"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 530

GET
H2 200 e574d0774c48691f3af0ae2061af35d3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8561de28162e46c4f8c8fed9e5462f833c6e6eeef9fc25e002a6cfe13251114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e574d0774c48691f3af0ae2061af35d3.png
age: 4266939
edge-cache-tag: 578705306751097711567236155726779671145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 578705306751097711567236155726779671145,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 4854
req-referer: https://forums.digitalspy.com/
content-length: 24194
x-request-id: aa12728d7747b5a59f4cd65dbe449a42
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kiad7000117-IAD, cache-lax10680-LGB, cache-iad-kiad7000092-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 11 Sep 2023 15:35:15 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=42510,owidth=1232,oheight=772,obytes=1940678
x-timer: S1703181355.041945,VS0,VE0
etag: "b98dd3207fe9d132102e2c99a8f4b3c2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 2

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 44ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=2decd32e687058878327f8a75b602f2e&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181353_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available-spa%22%2C%22eventTime%22%3A1703181354327%7D&tim=18%3A55%3A54.328&id=6241&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1991 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 23:00:17 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 1991 109 KB
38 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
Origin: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 22:31:35 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1991 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1991 203 KB
65 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:55:54 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D72 39 KB
15 KB 123ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A9D6 0
0 115ms
74ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3228451086031574&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0D72 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZWPW5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 5 KB
2 KB 161ms
82ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3a0e64f0cfce11a752e3dbff9b830977805611fcdd690479f49fa7a7c590b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1831
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: Fri, 22 Dec 2023 17:55:54 GMT
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1991 0
26 B 77ms
77ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssulcbFoMsVANxQXevW0d07VnXrk3rcFIunUes0XTmpWJjJTM1AHD7vSUCCco9M9Qdz8IddESb94MscFxDGy8VVte90Vs1xetGxAY8mUHmydmV6JDCU6ygkS3uVDD_z2b5sJjzQ5mosHuoP5fQynMIS-TB2sTlYhtZLMoSyNJuxRQTv0NFozp8xzn2HGBoAEumCmiBw3_17svLyP2Q8TtA_UgyZp6aappZMhhJ0GzXzbs6cjGibzGtsra0tiZzYpaA1Ssj4XYi3xjtKPxicoyyzfl-b6aiGo8G9KeLX7F9Liw1XGYEcNTi-jz_BUpca9nLS_fMeMNKf2OW_lZOB7ImpnYFtkXupZkxTe1iqNgI0ozv95VrHjlxkoaT_0ZtJWmIGPMk4wRMCMmqJ5EPd8XANeztIyg&sai=AMfl-YTpLwJdNwkpSu62iZDWZHFrH0pcJjtU2YtWWAcW0uoRidKthE77V4z2AyuY9YVdUx0UgAU7DoXVpi5vk4YL10RK9kPjOkuGJH_E89juJ8EQ43_iJnnztCmVDt2At1QUIOFgCdaBV8063j-l42FzsKbK&sig=Cg0ArKJSzIE4cFvhGqDpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 20 KB
10 KB 108ms
108ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1703181354530&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1586&pt=241748010&tz=60&viewable=true&ddast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3291224&dpubid=182887&abtst=adxsub-out_vA!adxsub-out_vB!adxsub_vA!dfrc_vA!esv_vA!pl149666-938_vC!rbcatc_vA!t45!tmaxc_vB!video-reel_vA&mPre=0&cirf=https%3A%2F%2Fwww.29news.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitInstreamDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 93d1f821e124e2dfc72197cb816ba57fae501faa2717478c4d0a07c83de081f6

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1430
x-cache: MISS
x-served-by: cache-fra-etou8220106-FRA
pragma: no-cache
server: nginx
x-timer: S1703181355.551253,VS0,VE68
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 79ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&cmcv=&pix=31589837&cb=1703181354528&uv=3369&tms=1703181354528&abt=adxsub-out_vA!adxsub-out_vB!adxsub_vA!dfrc_vA!esv_vA!pl149666-938_vC!rbcatc_vA!t45!tmaxc_vB!video-reel_vA&ft=0&unm=INSTREAM&debug=pn:!sqg:!torgn:1703181346242.2!ts:1703181354528&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-length: 0
server: nginx

GET
H2 200 st
imprammp.taboola.com/ 0
101 B 48ms
48ms Image
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&cmcv=&pix=undefined&cb=1703181354528&uv=3369&tms=1703181354528&abt=adxsub-out_vA!adxsub-out_vB!adxsub_vA!dfrc_vA!esv_vA!pl149666-938_vC!rbcatc_vA!t45!tmaxc_vB!video-reel_vA&ft=0&unm=INSTREAM&aure=false&agl=1&cirid=6a408737-6b70-4af3-b910-fe18810c144e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish
server: nginx
x-timer: S1703181355.551229,VS0,VE9
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra-etou8220106-FRA

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_9/assets/css/ 60 KB
8 KB 39ms
39ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_9/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitInstreamDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime: 1702980162
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: FH3H4KJZ83B5TRHD
age: 201125
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1702980163
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: jvOD/f74Mr2k/AuECaYkGSJJSiiAdPpJgjW0vR/6SAXv0JTYH4FIhNqJ7Cs+in3xc/NCxkRnGTs=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Tue, 19 Dec 2023 10:02:44 GMT
server: AmazonS3-br
x-timer: S1703181355.666597,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 167911

GET
H2 200 cmTagINSTREAM.js Show response
vidstat.taboola.com/vpaid/units/33_6_9/infra/ 386 KB
89 KB 40ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagINSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.6/UnitInstreamDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9cc9cc259a52808ef6cfeeca1e7a2c1d4c84ee3248150350f24c41d5e1453d21

Request headers

Referer: https://www.29news.com/
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime: 1702980140
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: CV6YPZAPPGEY22QD
age: 201123
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1702980141
x-amz-meta-mode: 33188
content-length: 90553
x-amz-id-2: 29oUb5GOOLRoWKdnUV5SbD29KlcWU+1H0qE8VMLjKJtE+zq8eyX8yKEBxob+iu0fygsDnukUOU8=
x-served-by: cache-fra-etou8220114-FRA
last-modified: Tue, 19 Dec 2023 10:02:22 GMT
server: AmazonS3-br
x-timer: S1703181355.666480,VS0,VE0
etag: "80b4f14331b92aec73b321d9a06be72a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 8798

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame FA6A 236 KB
63 KB 189ms
76ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 21 Dec 2023 18:10:54 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 32 KB
7 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4e9d82a4257a979307aa20b04a13fabb144d93647ed18e30085be4302517643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7563
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:54 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/ 429 KB
81 KB 41ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagINSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 68695c601fa95d4bb33373955d52ec3f8a5c0b8233df2019918276a1fe1f55e3

Request headers

Referer: https://www.29news.com/
Origin: https://www.29news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime: 1702980075
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: PD5PWKHN6QA9H6A8
age: 201221
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1702980088
x-amz-meta-mode: 33188
content-length: 82175
x-amz-id-2: 3+ofQETv+AEUVl+bSb/ifEIAdKn95WRtjEl6U5JMIMv+tBAjq/kjrxNSYtb7G6R7QYGYCxf/WAs=
x-served-by: cache-fra-etou8220114-FRA
last-modified: Tue, 19 Dec 2023 10:01:29 GMT
server: AmazonS3-br
x-timer: S1703181355.757770,VS0,VE0
etag: "a41ed74a255098313081b378c4525c54"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 192973

GET
H2 200 /
www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/ 64 KB
64 KB 48ms
48ms Image
text/html 2a02:26f0:480:f::213:7ecc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl: 900
x-arc-pb-request-id: 1ed1c5a8-75de-444d-9e26-f2e857d7926e, c82012a1-1517-4aad-9230-4f7b98ffc9a4
content-encoding: gzip
date: Thu, 21 Dec 2023 17:55:54 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ORD58-P3
strict-transport-security: max-age=86400
x-arc-request-id: 0.8c7d1302.1703181354.5c00cc9b
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1703181354763_34831756_1543556251_37_1881_38_0_146";dur=1
prerender-cache-tag: prerender-gray-wvir-prod-02220c9c
content-length: 37775
last-modified: Thu, 21 Dec 2023 17:55:52 GMT
server: openresty
etag: W/"3606a-aukIObj2esoJCUCccVGlQ2UUMwk"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, max-age=60
x-amz-cf-id: -GciQI8qmjjANq30Vs6t1B03WVDeZqi-A2Gj9NICl7cFFv26Thf1kA==
x-akamai-transformed: 9 - 0 pmb=mRUM,2
expires: Thu, 21 Dec 2023 17:56:54 GMT

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D880 439 B
533 B 112ms
43ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagINSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 703e7c411ac19e2fc84358be95709b28c17970570ea9ba5bcd2470256924a4d5

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 21 Dec 2023 17:55:54 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 42ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&cmcv=&pix=31589837&cb=1703181354725&uv=3369&tms=1703181354725&su=&abt=adxsub-out_vA!adxsub-out_vB!adxsub_vA!adxsub_vA!dfrc_vA!esv_vA!pl149666-938_vC!rbcatc_vA!t45!tmaxc_vB!video-reel_vA&ft=0&unm=INSTREAM&debug=pn:!sqg:!torgn:1703181346242.2!ts:1703181354725&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 41ms
40ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.29news.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 21 Dec 2023 17:55:54 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 611090
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-etou8220106-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1703181355.777577,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 2105815

GET
H3 200 container.html Show response
ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 65A1 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Fri, 20 Dec 2024 17:55:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 146ms
53ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Thu, 21 Dec 2023 17:55:54 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
504 B 537ms
232ms XHR
application/xml 54.88.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=850&height=478&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1703181354813&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-121-69.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.29news.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
514 B 537ms
233ms XHR
application/xml 54.88.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=850&height=478&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1703181354814&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-121-69.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.29news.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
515 B 431ms
127ms XHR
application/xml 54.88.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=850&height=478&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1703181354815&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-121-69.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.29news.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
513 B 431ms
128ms XHR
application/xml 54.88.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=311c27aa-1ff6-4394-bdcf-78e2d8ad40f2&output=html5&width=850&height=478&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=pre&stream=in&playback=2&cb=R0.1703181354815&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-121-69.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.29news.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
514 B 432ms
129ms XHR
application/xml 54.88.121.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=451778c9-7900-4542-916a-95dd2097ac72&output=html5&width=850&height=478&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1703181354815&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.6/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.121.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-121-69.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.29news.com
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 65A1 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 23:00:17 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 65A1 109 KB
38 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
Origin: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 22:31:35 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 65A1 24 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65A1 203 KB
64 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:55:54 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D880 70 B
148 B 56ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9
pr-bh.ybp.yahoo.com/sync/taboola/ Frame D880 43 B
426 B 199ms
58ms Image
image/gif 2a05:d018:d29:3601:7018:7dc3:a4e8:e820
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8KA8CLAYkfBTknJ-SKxBI-CjIOT8lVygAAABgYGDtAIktTIPhbrNbyya-wVq0sHnWEudisJa5HMPhYrBxjEYrIyCxhWkw3G12a9nEN1iLFjbPWuJcDNYyl2M4XAw2jtFoZQUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvcETmk6Hz3Wv1_1-d8ly7vJ97hq_2y8ZTDZ7xWQvGO41lr_1ZXrrLH_X4a21O02np93nFrruJsvL5HlrHIbPW-7yXfyWu-cvBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcUB4o-Vp97ns_gAAAAAAAgAAAIAEgIDyWQkAGRysE___________MQboM29k_P___98w6AHw4APgQQgAAMDHEBxb4nHa3X8gIgXRRRgBAAAAgPo_KDsySSeoWFT5___vtwJwBQAggLGxMEAni-6gxFsYAAAAgjEL9LD4_WaHXeN3u8z_________v5n_M_9ohIjqh9MEXSj0qPkFBABY8wsIAMBG3QAAvBGAE3QIWjEYrE5AzA4AAADAnf___389ILUbLDcOj2UzsW1mG5PNuFvNHM6FxbiaeEamhXN7QO1ozi5HSgb7VFjT5PIbJC2X2aCg-G0vg4zlMtnPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIYMTkXjt3G5NbYXLa1aGacuSWmhcktMxlGlsnCM3GsLGvR62P6-FaGxcK5RYIBUnuRPC3SiWg2m3gWq4nNtNuNNrPRaOXZ-FaDyWbkcC5MxuFELNGcLNKJ7LJv7QbLjcNj2Uxsm9nGZDPuVjOHc2ExriaekWnh3FdMzoVjtzG5NTaXbS2aGWduiWlhcstMhpFlsvBMHCvLWvT6mD6-lWGxcO4bu8FmMVxsVpt9YzfYLIaLzWqz79AZvqvP2ehaHtMen2Eh-6lPNqdB4TJYvD-JaTHtzg6es-_odBmXyaLO6Pf7_X6_3-_3-_0GredgNih8w2ytKl38ZKudtPA4GBSxRHCRTnSWh_N0e-tuT8vd4rEsJ2KJ0nSRTvSSwWSzV0z2guFeY_lbX6a3zvJ3Hd5au9N0etp9bqHrbrK8TJ63xmH4vOUu38VvuXsuYongdJFORC_j6aL-IwYczCWr1Vw3VwwWqwQAAAAAAAAAYAmmmW4CAAAA4GQQw8lwuFung5ksF5PJaLkALLwkdQGDAAAAAAAA7PKlrhKCZ7rfKNbYYxBneThPt7fu9rTcLR7LcsoAAAoOmW32GUGs1WpZAwAAEMAGAAAQwE033gSEV3H_____4wAAAMjIoQcAALC2D2hKK_zIlWKPX0GMVsPV_gGoEGu1Wt1urNVqBSygwWq1mcD___9_ggAAAAAAADj5BQEAAAAAAHBeAA!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:7018:7dc3:a4e8:e820 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame D880 0
125 B 138ms
42ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 5 KB
2 KB 61ms
61ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93dfbe7a61ac42cd35fb8489d1c3bfd5a4ae2660a29a1111eb0f906c05115956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1832
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:54 GMT
expires: Fri, 22 Dec 2023 17:55:54 GMT
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65A1 0
26 B 77ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssypmDiQyJK6rdhWaZJ4F3vGfGl44jf_N3Y8gNq-VuvZGZX-S7IiPAb_rdhNIZ5gJScxRJgRaynXHbdtrhO4gBq0XvoQEph60BUt5sdIaJrWwYRR4R8Gxk4hYtaI-crUQcWbF9SCsHfSKy9-vx2lVTUsXHZY9oUo4psM9JoW9AlAEKqfoE_CuMJVshoAQwQFZ43I1FYVakiLi1wD9MmJjz0PgTRUc6O_iIYSKeMArnFCzZvvXE4klHMRUFi410Ptpo4Mju0L_u477zwCwlt-agb6VF7AqBqbMtEghGx6b6-8ttnd9fzoYVr7BF1H1OXgjYUNKLGhkFZjqbq3y-_5W4H_ltF9TEeDBc_w8i_mECm56dpUq5FSn8vTNbodvPqlgBtDXg-XK1YFiLp5TlFY_h419Kn4w&sai=AMfl-YTb2pP1USuPnHZBZtFmWg8CBRyvwSpzkARaPm56x05OvItg7A49jfq0WaqGf03bAmHUkSwowvc7xYxUunY8ys5QfO1lcROnXSgYqzV9h6zoDrGmgypifi0YGbDRAxABDa6ud990QvBdBAXCfgLOvW8&sig=Cg0ArKJSzLcvGSu7OM9WEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 1 MB
85 KB 40ms
40ms Fetch
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c3a1477658a031f6abcd5b71fddaa2774e3284976ca2240440eda8f37069a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: SU62hfZwNbK8RY1GhxO3LWqt.ZHIJFSz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:54 GMT
x-amz-request-id: 2QD68V6TC4F78J92
age: 6677
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 86947
x-amz-id-2: 9Mn+D0QfwAuBAqhJiXYcMW8MEv7nPgV7vIZFXwynX06gajRMn8NvkrhpphhKcqzWyYYmBk9KGK8=
x-served-by: cache-fra-etou8220114-FRA
last-modified: Thu, 21 Dec 2023 16:04:37 GMT
server: AmazonS3
x-timer: S1703181355.922266,VS0,VE0
etag: "7b15b476bc1cfe30bf86b5acc9107f28"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 88
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 5

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 0
230 B 44ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=4948&tvi48=10638&tvi50=14585&lti=deflated&ri=8ab4a768a537acd30a825a549c6dac74&sd=v2_5709cac23b636cdf875fa9ab85b3d4a9_bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9_1703181353_1703181354_CNawjgYQkr1ZGOaBlOzIMSABKAEwODib4wlAgYoQSKq22QNQ____________AVgAYABo06-UtbOljN4acAA&ui=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&pi=/2023/12/08/crozet-group-knitting-hundreds-caps-newborns&wi=-4696034765452806373&pt=text&vi=1703181353190&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1703181354934%7D&tim=18%3A55%3A54.935&id=7645&llvl=2&cv=20231221-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 7e36d95104a92a1c63df4b614abc9e9d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
47 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e36d95104a92a1c63df4b614abc9e9d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f50a6c5488351116c150e488dcef816ae863410a9aafc88245343cf069117eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e36d95104a92a1c63df4b614abc9e9d.jpeg
age: 1402114
edge-cache-tag: 550897440750064702163162219306249614643,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 550897440750064702163162219306249614643,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 231
req-referer: https://tamil.oneindia.com/
content-length: 47348
x-request-id: 98b38fdc732dde9d39727a3901bb44cf
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000025-IAD, cache-iad-kjyo7100104-IAD, cache-lax-kwhp1940106-LAX, cache-iad-kcgs7200033-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 05 Dec 2023 10:14:53 GMT
server: nginx
surrogate-reporting: width=1129,height=628,bytes=162375,owidth=1200,oheight=628,obytes=403464
x-timer: S1703181355.045322,VS0,VE1
etag: "03a40969949970aaa96d2758d897b821"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 1

GET
H2 200 djsam6hxgcwlrfyb74t0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/ 11 KB
12 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 893eae8627f763dd720a9e4b4b154f263b1d3ad340396137d9f4c5ef1a655f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
age: 1052650
edge-cache-tag: 552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 55
req-referer: https://www.hollywoodreporter.com/
content-length: 11686
x-request-id: acea28044bb1f0561844c8e2fb5ce4b0
x-backend-name: US_nlb102
x-served-by: cache-iad-kiad7000080-IAD, cache-iad-kiad7000117-IAD, cache-lga21920-LGA, cache-iad-kcgs7200049-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 22 Nov 2023 20:51:14 GMT
server: nginx
surrogate-reporting: width=800,height=444,bytes=22570,owidth=800,oheight=450,obytes=21815
x-timer: S1703181355.064230,VS0,VE1
etag: "365def712cbc8c5c45c6459f0c1d51a3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 1

GET
H2 200 5b7a1f98f7a86e758aa159a092d0d7f6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b7a1f98f7a86e758aa159a092d0d7f6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 450cdbea50d33a3a70ac96eb00516795bdc359dd12d3b5f9e1af5f7a94d642aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b7a1f98f7a86e758aa159a092d0d7f6.jpg
age: 4473767
edge-cache-tag: 605974563756649217556436442754257578401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605974563756649217556436442754257578401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 68
expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.marca.com/
content-length: 5926
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kiad7000045-IAD, cache-iad-kcgs7200072-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 30 Aug 2023 08:44:28 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=1000,oheight=600,obytes=65283
x-timer: S1703181355.074070,VS0,VE1
etag: "d7cc1264b0f2879aa39ab20fd699f8bd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 19, 1

GET
H2 200 6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 9 KB
10 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02466c3c035419a9657824e4d82d61f4f19c3bde2a8e892bff94d5196ce16c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age: 3815493
edge-cache-tag: 321194619511491062242132839077726262353,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 321194619511491062242132839077726262353,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 372
req-referer: https://www.oneindia.com/elections/?ref_medium=Desktop&ref_source=OI-EN&ref_campaign=menu-header
content-length: 9174
x-request-id: 0e1f52aad0cd1fce3561647350db44ec
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100158-IAD, cache-iad-kjyo7100140-IAD, cache-chi-kigq8000048-CHI, cache-iad-kcgs7200144-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 02 Nov 2023 12:52:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=12620,owidth=1999,oheight=1249,obytes=185477
x-timer: S1703181355.083198,VS0,VE0
etag: "5b8c94b31dc2c6880e0719acd3de60e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 39ms
38ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d93036adeac11cb74bc02c4a7d1e54d4998ff1c87cda841f7ec7c39a3bfa786d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
age: 708213
edge-cache-tag: 335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 54
expiration: expiry-date="Mon, 25 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/
content-length: 8644
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000092-IAD, cache-iad-kjyo7100158-IAD, cache-lax-kwhp1940055-LAX, cache-iad-kcgs7200112-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 24 Nov 2023 13:50:19 GMT
server: nginx
surrogate-reporting: width=600,height=333,bytes=23573,owidth=600,oheight=400,obytes=329618
x-timer: S1703181355.088231,VS0,VE0
etag: "c853d7db0e51c40ef0081b31bf0472c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 6

GET
H2 200 2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
41 KB 40ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77b3b9d0d85cfbb404125756c8028a784d303a08798f75557c47c69f7b2ae24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age: 5548645
edge-cache-tag: 539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 113
expiration: expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.watson.de/
content-length: 41730
x-backend-name: US_nlb106
x-served-by: cache-iad-kcgs7200166-IAD, cache-iad-kiad7000020-IAD, cache-iad-kiad7000129-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 01 Sep 2023 11:47:36 GMT
server: nginx
x-timer: S1703181355.093931,VS0,VE0
etag: "33d64e6f46762b33b7b0d79ea8388430"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 352, 13

GET
H2 200 8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff54f31beb950fd0a5e86afd8fce08a77f6540224794971024ab7ab7b7e041aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
age: 1149226
edge-cache-tag: 430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 98
req-referer: https://www.desired.de/
content-length: 23252
x-request-id: 9f2e6d1e103d94f8b44a832aef4dc3eb
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100124-IAD, cache-iad-kjyo7100035-IAD, cache-lax-kwhp1940072-LAX, cache-iad-kjyo7100042-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 08 Dec 2023 10:42:10 GMT
server: nginx
surrogate-reporting: width=932,height=517,bytes=57894,owidth=932,oheight=582,obytes=128865
x-timer: S1703181355.105174,VS0,VE2
etag: "c55174b913c33af59a1e46de82a07e17"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 31 KB
32 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca76ab4fec5ea3151efaf32f5b85ea7b30070e2b89438954d47728d6e243f705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 2046150
edge-cache-tag: 391809127323206082653190106803800704935,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 391809127323206082653190106803800704935,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 333
req-referer: https://www.nbc29.com/
content-length: 32228
x-request-id: 35d02ac62fb11b1f2c54aed12f2216e9
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kcgs7200067-IAD, cache-lax-kwhp1940100-LAX, cache-iad-kiad7000168-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 28 Nov 2023 01:33:24 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=89753,owidth=1200,oheight=600,obytes=111904
x-timer: S1703181355.114639,VS0,VE2
etag: "ec8dacf1968670e5a06d7bfaaea3fe90"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 405, 1

GET
H2 200 T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 24 KB
25 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d7b187cc67b247dc96e69792c53e7217bf1e1fbeb0828f75961abad573e126e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1817831
edge-cache-tag: 426342681135456173516109621408559109224,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426342681135456173516109621408559109224,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 102
req-referer: https://d-2372290111919554827.ampproject.net/
content-length: 24732
x-request-id: a3f59eb7a4589568dcba394820e5316d
x-backend-name: US_nlb105
x-served-by: cache-iad-kiad7000143-IAD, cache-iad-kiad7000132-IAD, cache-lga21967-LGA, cache-iad-kjyo7100060-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 30 Nov 2023 04:21:18 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=75959,owidth=1200,oheight=600,obytes=98127
x-timer: S1703181355.123335,VS0,VE1
etag: "c86a676d102e42e26d3602cc5b3185fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 626, 1

GET
H2 200 f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 24 KB
25 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4b72c7ba22a431dac1a657492acfddfd91bf9fbc71c6c61213cce089ee58714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
age: 3793925
edge-cache-tag: 369892945166203625932769237237409230519,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369892945166203625932769237237409230519,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 743
req-referer: https://www.sport1.de/news/fussball/bundesliga/2023/10/eberl-will-zum-fc-bayern-so-viel-musste-der-rekordmeister-zahlen
content-length: 24532
x-request-id: c84d40201c19402843f713e9a008d715
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kcgs7200063-IAD, cache-lga21946-LGA, cache-iad-kjyo7100177-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 16 Sep 2023 21:27:00 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=35590,owidth=2000,oheight=1333,obytes=563565
x-timer: S1703181355.128461,VS0,VE1
etag: "871460d2a24ad94d69f91c1e1d27b69b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 d8a4590108abcf2073567a43f853e659.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 39ms
38ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d8a4590108abcf2073567a43f853e659.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e34791099157cc89185c8d4ec8a826121203a77a0f0cb0f119c0ae29a71ffb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d8a4590108abcf2073567a43f853e659.jpg
age: 4444954
edge-cache-tag: 535799013392878146286989432964408995103,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535799013392878146286989432964408995103,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 122
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.harpersbazaar.com/
content-length: 22662
x-backend-name: US_nlb105
x-served-by: cache-iad-kjyo7100106-IAD, cache-iad-kiad7000179-IAD, cache-iad-kiad7000028-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 28 Aug 2023 06:14:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=1000,oheight=600,obytes=790053
x-timer: S1703181355.135822,VS0,VE0
etag: "f296790e306f7ddc7dae116243345119"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 56, 2

GET
H2 200 93b00cf9420a16b5bd28580926bed799
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 41ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5062fda3a1a18613a55b5666666df4e244ae1614bc80773f011da56d10d411e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
age: 1290791
edge-cache-tag: 349087921095247456509117759328833712828,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349087921095247456509117759328833712828,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 23
expiration: expiry-date="Thu, 21 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.mopo.de/
content-length: 13194
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100041-IAD, cache-iad-kjyo7100086-IAD, cache-lax-kwhp1940112-LAX, cache-iad-kjyo7100129-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 20 Nov 2023 16:42:25 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18224,owidth=1445,oheight=1445,obytes=324566
x-timer: S1703181355.146673,VS0,VE2
etag: "b7db1c51629a943834d3122196324661"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 10, 1

GET
H2 200 144a1ce325fc63c2f930c9ee573283bd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8c1cd30b8d688d8c55a18a8c18a83e91872d8ef631c9c8cb467bd099238fcf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
age: 3778460
edge-cache-tag: 604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 94
expiration: expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://roma.corriere.it/
content-length: 10526
x-backend-name: US_nlb106
x-served-by: cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100107-IAD, cache-iad-kcgs7200151-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 20 Sep 2023 10:29:40 GMT
server: nginx
surrogate-reporting: width=624,height=346,bytes=23956,owidth=624,oheight=608,obytes=250856
x-timer: S1703181355.157283,VS0,VE2
etag: "40dc5e530fca754c56989c4f8cb5828c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6, 1

GET
H2 200 1eee81d701c05844e02db99fff7fbd7c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eee81d701c05844e02db99fff7fbd7c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 00fa20f893accdf6609bbe586aa81c3070fa98b491383689522da598c5a35010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eee81d701c05844e02db99fff7fbd7c.jpg
age: 31011
edge-cache-tag: 487465816551590943384933345663553894456,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487465816551590943384933345663553894456,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 96
req-referer: https://www.t-online.de/
content-length: 37806
x-request-id: f7916760a77e8e3a395931d6b051073c
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kiad7000124-IAD, cache-bur-kbur8200057-BUR, cache-iad-kjyo7100148-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 07:57:40 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=106760,owidth=1000,oheight=560,obytes=620910,ef=(1,13,17,23,30)
x-timer: S1703181355.165788,VS0,VE2
etag: "45750986e3560eb783b40ee437306304"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 1

GET
H2 200 20ca3920796705f4e953bd5014720ea9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ca3920796705f4e953bd5014720ea9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 066b4c43703e0fac583d07f0fa802396abad8a1347f327788911f524072d5905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ca3920796705f4e953bd5014720ea9.jpg
age: 4272114
edge-cache-tag: 302935950058188571201508857327343714482,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 302935950058188571201508857327343714482,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 141
expiration: expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/
content-length: 16730
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200068-IAD, cache-iad-kcgs7200065-IAD, cache-sna10745-LGB, cache-iad-kiad7000092-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 15 Sep 2023 23:26:47 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=28270,owidth=1200,oheight=634,obytes=142427
x-timer: S1703181355.169556,VS0,VE1
etag: "df25e375bd452616f481ce131c6a9af9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2861, 1

GET
H2 200 e3e58aa204c2dc3732e9756647974cad.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3e58aa204c2dc3732e9756647974cad.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c23b30bfbc0bd812419c64c97f1dec5597f32dbe3e93ba7f811baabbad683e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3e58aa204c2dc3732e9756647974cad.jpeg
age: 622059
edge-cache-tag: 438746474855412670128399167291879072259,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 438746474855412670128399167291879072259,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 245
expiration: expiry-date="Mon, 06 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.karlsruhe-insider.de/
content-length: 9628
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200027-IAD, cache-lax-kwhp1940091-LAX, cache-iad-kjyo7100170-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 06 Oct 2023 22:02:37 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=14530,owidth=1000,oheight=600,obytes=393497
x-timer: S1703181355.176482,VS0,VE1
etag: "afbebd5feb8e98a275f21bae258d0349"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 929c3319e35f9a5b080ddb81b736afe0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
27 KB 43ms
43ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929c3319e35f9a5b080ddb81b736afe0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b63862eedec7b1ff7fdff3ca9d962baad621fab0ef32db5d5e99e1f9878becb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929c3319e35f9a5b080ddb81b736afe0.jpg
age: 3223521
edge-cache-tag: 304602976658064998707197742646001216556,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 304602976658064998707197742646001216556,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 154
expiration: expiry-date="Thu, 05 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ouest-france.fr/
content-length: 26270
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kiad7000169-IAD, cache-iad-kjyo7100070-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 04 Sep 2023 12:43:57 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=1000,oheight=600,obytes=137697
x-timer: S1703181355.190464,VS0,VE1
etag: "fc518caeb4feec47c34e51d103ea165d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1004, 1

GET
H2 200 https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F11-28-2023%252Ft_52a17419e82641a29207816b29a9a0ba_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D4a0323b040c3b168d738610278e73276254d0ff12be8787acfe...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 23 KB
24 KB 79ms
78ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F11-28-2023%252Ft_52a17419e82641a29207816b29a9a0ba_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D4a0323b040c3b168d738610278e73276254d0ff12be8787acfe9fae10a5d333f%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d6f9b2b1d062e31d2371f04bed92cf063b18227986a97d5899de1821603ae5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F11-28-2023%252Ft_52a17419e82641a29207816b29a9a0ba_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D4a0323b040c3b168d738610278e73276254d0ff12be8787acfe9fae10a5d333f%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 616273
edge-cache-tag: 483193263609295722467564842728203042199,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483193263609295722467564842728203042199,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1882
req-referer: https://www.nbc29.com/
content-length: 23952
x-request-id: 34bc9acf50996659dc07a2d0ebf59c93
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kcgs7200132-IAD, cache-lga21943-LGA, cache-iad-kiad7000167-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 29 Nov 2023 00:56:31 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=63749,owidth=1200,oheight=600,obytes=51004,ef=(1,13,17,23,30)
x-timer: S1703181355.236360,VS0,VE2
etag: "ae708b4d4387df893c0148a71603e7b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 122, 1

GET
H2 200 6b3ca6cfa736e74ef0387a247448961e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 38 KB
38 KB 84ms
83ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b3ca6cfa736e74ef0387a247448961e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e96736db1d732e3e9057e427079f528f434d2ba9caf5b3a7adaf788f14f525f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b3ca6cfa736e74ef0387a247448961e.png
age: 4354500
edge-cache-tag: 408883170157711696553231435588959151478,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 408883170157711696553231435588959151478,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 253
expiration: expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gladbachlive.de/
content-length: 38458
x-backend-name: LA_nlb203
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000145-IAD, cache-sna10741-LGB, cache-iad-kcgs7200070-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 23 Aug 2023 13:48:59 GMT
server: nginx
x-timer: S1703181355.236320,VS0,VE16
etag: "48a790f4945d236028851bd987fd9dc1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 31, 1, 7, 1

GET
H2 200 MEG4YWPOSREY5NTCX5MGFLW4OE.JPG%3Fauth%3D1a1c682ef110a249cda59da0b105b9ef5a60a81afb4690f4073a6f9eb9728f9a%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 28 KB
30 KB 160ms
160ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MEG4YWPOSREY5NTCX5MGFLW4OE.JPG%3Fauth%3D1a1c682ef110a249cda59da0b105b9ef5a60a81afb4690f4073a6f9eb9728f9a%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6985188ba0c71d805b23b36bdaff8334dd568b0fc329aa3ecd32fff95d1f0edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MEG4YWPOSREY5NTCX5MGFLW4OE.JPG%3Fauth%3D1a1c682ef110a249cda59da0b105b9ef5a60a81afb4690f4073a6f9eb9728f9a%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 150562
edge-cache-tag: 591688063279622553830329411376613596948,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591688063279622553830329411376613596948,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 654
expiration: expiry-date="Fri, 12 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.29news.com/
content-length: 29178
x-backend-name: US_nlb104
x-served-by: cache-iad-kjyo7100054-IAD, cache-iad-kcgs7200085-IAD, cache-lga21923-LGA, cache-iad-kcgs7200066-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 12 Dec 2023 13:46:01 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=51227,owidth=1200,oheight=600,obytes=59499,ef=(1,13,17,23,30)
x-timer: S1703181355.236312,VS0,VE89
etag: "472b785b33bccde7077bd7e1c59a5e13"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 7, 0

GET
H2 200 FSRZVVB7YVGVFC6XJUIOCKNE5Q.jpg%3Fauth%3D8a9c4080e83fda990a27144018e71a95422385d1f5cb29bd10331786a0480934%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 123 KB
124 KB 180ms
179ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/FSRZVVB7YVGVFC6XJUIOCKNE5Q.jpg%3Fauth%3D8a9c4080e83fda990a27144018e71a95422385d1f5cb29bd10331786a0480934%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a4cc67f056cd1014b97865ca712d760b07eb05e7d70c94b9fb276981d3348c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/FSRZVVB7YVGVFC6XJUIOCKNE5Q.jpg%3Fauth%3D8a9c4080e83fda990a27144018e71a95422385d1f5cb29bd10331786a0480934%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 697549
edge-cache-tag: 527283320366768371883734521908033617477,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 527283320366768371883734521908033617477,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 279
req-referer: https://www.29news.com/
content-length: 126448
x-request-id: 29462ada41cc1b28c35f51ad227a866a
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000173-IAD, cache-iad-kjyo7100052-IAD, cache-lax-kwhp1940106-LAX, cache-iad-kjyo7100107-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 02 Dec 2023 12:16:11 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=163667,owidth=1200,oheight=600,obytes=145518,ef=(1,13,17,23,30)
x-timer: S1703181355.236294,VS0,VE95
etag: "c6f8ec27a2ba24e761abb37c0829db1c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 8, 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65A1 0
0 156ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUSt4WKwON-Y59UTGWWp7BvJX0Nze4nCidYz5evQMkkNCUO5dlrIicj2yncX3YYsxv41BwpME-rg_OpRN4hFjdx3qEVFjpPSawViQjYAnRl3KFQsZGaOGzyj0oQ7Ufi0J1i12ug2y1clhD_tBxFvZWIUc6KldUld-9eTzdjwisaFFWsBlEDozGk6M-WuAC_hlwIw2vwQb7Mr4-972CLsM-hJj_HqGz1_wLuWGAoV52ogY0A9c5ETa_ddIOT5lk5kaLizgD7LzyDCPyvYF074zzY80STgQAvhnpPqrSvo4IA4fzm9K8s9tcSm9ahiQ435-NuBgZgN0gz3gawI5LyPYj8u_6SId7mbLZqW1AMkgxfPhztTdfO2AWTQyztGqcdwNCTAS_zTo9BWXr2y66giP8VV7jd7Be&sai=AMfl-YRcyqI-Ql3KSuwNlPFn0DuQMFv7glk6f-lH78IpLJwDKmjSKiHSn8o3Gxf5S01pEAGzFkvFf5s_X4QcXnLEbZmhJs0AfR5Vy8h1ecvOYshlYfWp-hMFLgupWoEDATCOvI705TGmeo_cRW4tZM7mp7U&sig=Cg0ArKJSzBlcv-vrawvxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 17:55:55 GMT

GET
H3 200 Bg.jpg
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 4 KB
4 KB 110ms
110ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/Bg.jpg

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef101d087ba651634657546645af2d3d6000769a0987a8fe58c0055c45708f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4575
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1991 0
0 150ms
78ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBnFseFQRYIOK1smeUPCn7WIzQdKB0WOHCRrscoAMY74EnFkFdun1Ohgi1UXRjmmeS2QXPcW6I5Kc2A5BZAToNZ3UnW9wAeCqHd8kiZTtxPVzo8MP5oPA-tuCh-ho3tS-hywo9tsO-oVauER2nKSXG_-2UbQDJ6CnxueTUgOe0g6M2DYTmauLEdXSADZyT7NQJkHGerrvUDKS0ZGlNj_lNhlkmHjmkWmZNI7xomzaINm42L0PnquEWWoK1M6yIqidLpcllCdcFskb3FzOeHS1pOIEnHhjqGUMdyQmJ4u2Ahbwj_MxEnaijS3_iaUq4pfImRikKMishBG-O_H-looOtXpolN7hG8ApUoIhtYEGcvkA40jv_OYnzGws9uNsVJbPRZcBqY88uBwvost0PSXIC6LyWNzCo&sai=AMfl-YTIi3DoeKAB22yoXB25FOh0_4zAcAvhHujSvSDz0SEuX4ORsCJHt-Q45nZOfsqR6cvSXlyiGMcJKQi9MT68F1IqygW0vZ2znRFBA4tR3YVvDd8YhThDy05ZLjUaYjl_JABPcbwGofHchnDd3lbT6ui8&sig=Cg0ArKJSzGmkZbb85pqFEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 17:55:55 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame B089 236 KB
63 KB 108ms
108ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 21 Dec 2023 18:10:55 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 31 KB
7 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b697e8278f943c58dac1898b620bbee48477c30cf7a2ba117a29a38a1f06c324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 18EC 0
593 B 41ms
41ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
an-x-request-uuid: bdf7202c-4b0b-4528-849b-b8256006af35
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 6816 0
593 B 57ms
56ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
an-x-request-uuid: 3c63f679-4f1c-4cef-a6a5-782d9d863add
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 89E5 0
594 B 40ms
40ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
an-x-request-uuid: 1f398d7b-7517-4475-9b3f-b1d4596e9369
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FCA2 0
593 B 39ms
39ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
an-x-request-uuid: 4f92f649-baed-447a-8f1f-2e7dc06b954b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cmAdService.js Show response
vidstat.taboola.com/vpaid/units/33_6_9/infra/ 46 KB
12 KB 41ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmAdService.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagINSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime: 1702980156
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 201124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1702980157
x-amz-meta-mode: 33188
content-length: 11556
x-served-by: cache-fra-etou8220106-FRA
last-modified: Tue, 19 Dec 2023 10:02:38 GMT
server: AmazonS3
x-timer: S1703181355.033300,VS0,VE0
etag: "395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Gww3wqGgaJTugo99dczWFNfHvMbVUgXcMhkrrAvZW4L6dFV41MIoBg==
x-cache-hits: 158382

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3228451086031574&bg=!RkWlRQrNAAY3kmNgF5I7ADQBe5WfOHf7f8e_JyGhzIRkWhq3Uqopd4Y7-tTX5RE4Om0qwyVhmYsffGWZm1QBexYWdRn2AgAAAC5SAAAAAmgBB5kC7fm-QSOMN3y485WTBm_tKYBOD4R1-r-0Z7tAOL0Ghd-LODPStzJpNQ4uUcsOfkzm4VVn1iXQsHlaG0ZlTd7F1Q9Qs_xIu9Z2IuF8ICYJ9LuEYCEDmXsJ3OCx7dfT_8-X16Ixzy8dFWIReodJNEHOtG3u2JiWatPcUYcWA-RydZPHRdR8s69thgZT6pqdstyJrb0zJmzpXZBhUXjIhek7bwJsgqa3e19Vv4x230MsAS81GtiTBr7zijnZWN_1ZLWi3vfSB4E-BxYckNw6x0KBjxH1vqROrkNw76iuN15BZC0rpUyBvQaUeUF0e7qvOBwAoSVrYfg_IfMBWdBu3nj_q-CH1-nBMfKhGljIbdDrm9aJZeq0T9O9l5gg2mGIdRVBUnjOfkTN2lR-lARxfdNQEfhBBW-qalxvSqafJPMG0e0zND78iLX1_Go7zLi-0tSLZksot0DaA9nANH3ogmGeZqgIIdx3k1i-tE8CjlZQOLKVXT05Neq0j2SdYKbYj-0zYZ3pzHA4j4jgCIYURKbqU9piUomGITetNcU4nBTqVCqvAnDNy8kt37tP6Cb-XZxmG7FYR_76ob8X01_Jv3ANwXm5W6Qd3fpUxcLubCW-Wo2v_aXHEfVTqQC9ZPnFnU41CRl9yEtyFRtJ-0Br607VHw8EvRbRoE2vsZoBgrv7Eg19h7AgWnOZgcyfOWPH8r4QswO4UlAwIVNOL_wU2InB38_cgjgX18Tk2Sah89aowkXLk0_4ohz-pHZK5axberN7FB6P4i69BFswNoaDhpe07nyb9tBg_ZqadUFyeTYhovU6Y1fs3YL-_6a9xHh_R1M6RF--K5gDJV6aDTFj9NkudLyUOFphudEMlY1IwX5BWlf0Uwfl9jECpUMD9e-n29TIGXNTtENqeRX_zckFhyz9nXYi9lIgAAvdHn5pwO-1paAZBeiapFii3Djo1-_td4c9tWeuXslsfdnNU0DTDdngxYz1XpRX2DSyGgbp2uXV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e36d95104a92a1c63df4b614abc9e9d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f50a6c5488351116c150e488dcef816ae863410a9aafc88245343cf069117eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7e36d95104a92a1c63df4b614abc9e9d.jpeg
age: 1402114
edge-cache-tag: 550897440750064702163162219306249614643,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 550897440750064702163162219306249614643,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 231
req-referer: https://tamil.oneindia.com/
content-length: 47348
x-request-id: 98b38fdc732dde9d39727a3901bb44cf
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000025-IAD, cache-iad-kjyo7100104-IAD, cache-lax-kwhp1940106-LAX, cache-iad-kcgs7200033-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 05 Dec 2023 10:14:53 GMT
server: nginx
surrogate-reporting: width=1129,height=628,bytes=162375,owidth=1200,oheight=628,obytes=403464
x-timer: S1703181355.236322,VS0,VE0
etag: "03a40969949970aaa96d2758d897b821"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 2

GET
H3 200 Img1.png
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 46 KB
46 KB 121ms
121ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/Img1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

085f3999c4a267279e2e6ab24101a9410029b6aafe3374b939dbb8653d0c6004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47549
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 893eae8627f763dd720a9e4b4b154f263b1d3ad340396137d9f4c5ef1a655f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
age: 1052650
edge-cache-tag: 552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 55
req-referer: https://www.hollywoodreporter.com/
content-length: 11686
x-request-id: acea28044bb1f0561844c8e2fb5ce4b0
x-backend-name: US_nlb102
x-served-by: cache-iad-kiad7000080-IAD, cache-iad-kiad7000117-IAD, cache-lga21920-LGA, cache-iad-kcgs7200049-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 22 Nov 2023 20:51:14 GMT
server: nginx
surrogate-reporting: width=800,height=444,bytes=22570,owidth=800,oheight=450,obytes=21815
x-timer: S1703181355.281146,VS0,VE0
etag: "365def712cbc8c5c45c6459f0c1d51a3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b7a1f98f7a86e758aa159a092d0d7f6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 450cdbea50d33a3a70ac96eb00516795bdc359dd12d3b5f9e1af5f7a94d642aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b7a1f98f7a86e758aa159a092d0d7f6.jpg
age: 4473767
edge-cache-tag: 605974563756649217556436442754257578401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 605974563756649217556436442754257578401,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 68
expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.marca.com/
content-length: 5926
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kiad7000045-IAD, cache-iad-kcgs7200072-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 30 Aug 2023 08:44:28 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=1000,oheight=600,obytes=65283
x-timer: S1703181355.281811,VS0,VE0
etag: "d7cc1264b0f2879aa39ab20fd699f8bd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 19, 2

GET
H3 200 Bg.jpg
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 4 KB
4 KB 129ms
129ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/Bg.jpg

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acb4a3274998a2fdb4829e8ce1084625759b64d662458c204077ff0c502f6aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3857
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02466c3c035419a9657824e4d82d61f4f19c3bde2a8e892bff94d5196ce16c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age: 3815494
edge-cache-tag: 321194619511491062242132839077726262353,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 321194619511491062242132839077726262353,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 372
req-referer: https://www.oneindia.com/elections/?ref_medium=Desktop&ref_source=OI-EN&ref_campaign=menu-header
content-length: 9174
x-request-id: 0e1f52aad0cd1fce3561647350db44ec
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100158-IAD, cache-iad-kjyo7100140-IAD, cache-chi-kigq8000048-CHI, cache-iad-kcgs7200144-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 02 Nov 2023 12:52:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=12620,owidth=1999,oheight=1249,obytes=185477
x-timer: S1703181355.293983,VS0,VE0
etag: "5b8c94b31dc2c6880e0719acd3de60e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d93036adeac11cb74bc02c4a7d1e54d4998ff1c87cda841f7ec7c39a3bfa786d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
age: 708214
edge-cache-tag: 335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 54
expiration: expiry-date="Mon, 25 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/
content-length: 8644
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000092-IAD, cache-iad-kjyo7100158-IAD, cache-lax-kwhp1940055-LAX, cache-iad-kcgs7200112-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 24 Nov 2023 13:50:19 GMT
server: nginx
surrogate-reporting: width=600,height=333,bytes=23573,owidth=600,oheight=400,obytes=329618
x-timer: S1703181355.360771,VS0,VE0
etag: "c853d7db0e51c40ef0081b31bf0472c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 7

GET
H2 200 2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
42 KB 48ms
48ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77b3b9d0d85cfbb404125756c8028a784d303a08798f75557c47c69f7b2ae24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age: 5548645
edge-cache-tag: 539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 113
expiration: expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.watson.de/
content-length: 41730
x-backend-name: US_nlb106
x-served-by: cache-iad-kcgs7200166-IAD, cache-iad-kiad7000020-IAD, cache-iad-kiad7000129-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 01 Sep 2023 11:47:36 GMT
server: nginx
x-timer: S1703181355.361059,VS0,VE0
etag: "33d64e6f46762b33b7b0d79ea8388430"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 352, 14

GET
H2 200 8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
23 KB 47ms
47ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff54f31beb950fd0a5e86afd8fce08a77f6540224794971024ab7ab7b7e041aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
age: 1149226
edge-cache-tag: 430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 98
req-referer: https://www.desired.de/
content-length: 23252
x-request-id: 9f2e6d1e103d94f8b44a832aef4dc3eb
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100124-IAD, cache-iad-kjyo7100035-IAD, cache-lax-kwhp1940072-LAX, cache-iad-kjyo7100042-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 08 Dec 2023 10:42:10 GMT
server: nginx
surrogate-reporting: width=932,height=517,bytes=57894,owidth=932,oheight=582,obytes=128865
x-timer: S1703181355.361033,VS0,VE0
etag: "c55174b913c33af59a1e46de82a07e17"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 2

GET
H2 200 2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 31 KB
32 KB 39ms
39ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca76ab4fec5ea3151efaf32f5b85ea7b30070e2b89438954d47728d6e243f705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2IFOP3JO65EMTH5CZGVTSXJMKI.jpg%3Fauth%3D30188f7548970a0bd16dbe1e82d9fb66a2484bbb4af64c6748b97de752a082c3%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 2046150
edge-cache-tag: 391809127323206082653190106803800704935,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 391809127323206082653190106803800704935,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 333
req-referer: https://www.nbc29.com/
content-length: 32228
x-request-id: 35d02ac62fb11b1f2c54aed12f2216e9
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kcgs7200067-IAD, cache-lax-kwhp1940100-LAX, cache-iad-kiad7000168-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 28 Nov 2023 01:33:24 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=89753,owidth=1200,oheight=600,obytes=111904
x-timer: S1703181355.396500,VS0,VE0
etag: "ec8dacf1968670e5a06d7bfaaea3fe90"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 405, 2

GET
H2 200 T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 24 KB
25 KB 41ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d7b187cc67b247dc96e69792c53e7217bf1e1fbeb0828f75961abad573e126e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/T7HJ6J3D4ZFYVLWDV5P25YW2BA.jpg%3Fauth%3D23bcc676b7bec5d791261a5a07b1e2416598d51c1510f754a6664aa08ee8ed48%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1817831
edge-cache-tag: 426342681135456173516109621408559109224,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426342681135456173516109621408559109224,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 102
req-referer: https://d-2372290111919554827.ampproject.net/
content-length: 24732
x-request-id: a3f59eb7a4589568dcba394820e5316d
x-backend-name: US_nlb105
x-served-by: cache-iad-kiad7000143-IAD, cache-iad-kiad7000132-IAD, cache-lga21967-LGA, cache-iad-kjyo7100060-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 30 Nov 2023 04:21:18 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=75959,owidth=1200,oheight=600,obytes=98127
x-timer: S1703181355.407644,VS0,VE0
etag: "c86a676d102e42e26d3602cc5b3185fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 626, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4b72c7ba22a431dac1a657492acfddfd91bf9fbc71c6c61213cce089ee58714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
age: 3793925
edge-cache-tag: 369892945166203625932769237237409230519,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 369892945166203625932769237237409230519,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 743
req-referer: https://www.sport1.de/news/fussball/bundesliga/2023/10/eberl-will-zum-fc-bayern-so-viel-musste-der-rekordmeister-zahlen
content-length: 24532
x-request-id: c84d40201c19402843f713e9a008d715
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kcgs7200063-IAD, cache-lga21946-LGA, cache-iad-kjyo7100177-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 16 Sep 2023 21:27:00 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=35590,owidth=2000,oheight=1333,obytes=563565
x-timer: S1703181355.409527,VS0,VE0
etag: "871460d2a24ad94d69f91c1e1d27b69b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d8a4590108abcf2073567a43f853e659.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e34791099157cc89185c8d4ec8a826121203a77a0f0cb0f119c0ae29a71ffb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d8a4590108abcf2073567a43f853e659.jpg
age: 4444955
edge-cache-tag: 535799013392878146286989432964408995103,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535799013392878146286989432964408995103,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 122
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.harpersbazaar.com/
content-length: 22662
x-backend-name: US_nlb105
x-served-by: cache-iad-kjyo7100106-IAD, cache-iad-kiad7000179-IAD, cache-iad-kiad7000028-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 28 Aug 2023 06:14:38 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=1000,oheight=600,obytes=790053
x-timer: S1703181355.413824,VS0,VE0
etag: "f296790e306f7ddc7dae116243345119"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 56, 3

POST
H2 204 bulk Show response
trc.taboola.com/graytv-wvirnbc29/log/3/ 0
348 B 95ms
94ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-wvirnbc29/log/3/bulk?tvi2=4948&tvi48=10638&tvi50=14585&route=AM%3AAM%3AV&lti=deflated&bulkSize=19
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 47
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7400
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220106-FRA
pragma: no-cache
server: nginx
x-timer: S1703181355.203597,VS0,VE47
content-type: image/gif
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5062fda3a1a18613a55b5666666df4e244ae1614bc80773f011da56d10d411e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
age: 1290791
edge-cache-tag: 349087921095247456509117759328833712828,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349087921095247456509117759328833712828,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 23
expiration: expiry-date="Thu, 21 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.mopo.de/
content-length: 13194
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100041-IAD, cache-iad-kjyo7100086-IAD, cache-lax-kwhp1940112-LAX, cache-iad-kjyo7100129-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 20 Nov 2023 16:42:25 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18224,owidth=1445,oheight=1445,obytes=324566
x-timer: S1703181355.413811,VS0,VE0
etag: "b7db1c51629a943834d3122196324661"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 10, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8c1cd30b8d688d8c55a18a8c18a83e91872d8ef631c9c8cb467bd099238fcf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
age: 3778460
edge-cache-tag: 604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 94
expiration: expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://roma.corriere.it/
content-length: 10526
x-backend-name: US_nlb106
x-served-by: cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100107-IAD, cache-iad-kcgs7200151-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 20 Sep 2023 10:29:40 GMT
server: nginx
surrogate-reporting: width=624,height=346,bytes=23956,owidth=624,oheight=608,obytes=250856
x-timer: S1703181355.438998,VS0,VE0
etag: "40dc5e530fca754c56989c4f8cb5828c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eee81d701c05844e02db99fff7fbd7c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 00fa20f893accdf6609bbe586aa81c3070fa98b491383689522da598c5a35010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1eee81d701c05844e02db99fff7fbd7c.jpg
age: 31011
edge-cache-tag: 487465816551590943384933345663553894456,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 487465816551590943384933345663553894456,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 96
req-referer: https://www.t-online.de/
content-length: 37806
x-request-id: f7916760a77e8e3a395931d6b051073c
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kiad7000124-IAD, cache-bur-kbur8200057-BUR, cache-iad-kjyo7100148-IAD, cache-fra-etou8220106-FRA
last-modified: Thu, 21 Dec 2023 07:57:40 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=106760,owidth=1000,oheight=560,obytes=620910,ef=(1,13,17,23,30)
x-timer: S1703181355.449584,VS0,VE0
etag: "45750986e3560eb783b40ee437306304"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ca3920796705f4e953bd5014720ea9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 066b4c43703e0fac583d07f0fa802396abad8a1347f327788911f524072d5905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ca3920796705f4e953bd5014720ea9.jpg
age: 4272114
edge-cache-tag: 302935950058188571201508857327343714482,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 302935950058188571201508857327343714482,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 141
expiration: expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.lefigaro.fr/
content-length: 16730
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200068-IAD, cache-iad-kcgs7200065-IAD, cache-sna10745-LGB, cache-iad-kiad7000092-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 15 Sep 2023 23:26:47 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=28270,owidth=1200,oheight=634,obytes=142427
x-timer: S1703181355.451362,VS0,VE0
etag: "df25e375bd452616f481ce131c6a9af9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2861, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3e58aa204c2dc3732e9756647974cad.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c23b30bfbc0bd812419c64c97f1dec5597f32dbe3e93ba7f811baabbad683e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3e58aa204c2dc3732e9756647974cad.jpeg
age: 622059
edge-cache-tag: 438746474855412670128399167291879072259,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 438746474855412670128399167291879072259,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 245
expiration: expiry-date="Mon, 06 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.karlsruhe-insider.de/
content-length: 9628
x-backend-name: LA_nlb202
x-served-by: cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200027-IAD, cache-lax-kwhp1940091-LAX, cache-iad-kjyo7100170-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 06 Oct 2023 22:02:37 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=14530,owidth=1000,oheight=600,obytes=393497
x-timer: S1703181355.460762,VS0,VE0
etag: "afbebd5feb8e98a275f21bae258d0349"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 929c3319e35f9a5b080ddb81b736afe0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
26 KB 42ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929c3319e35f9a5b080ddb81b736afe0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b63862eedec7b1ff7fdff3ca9d962baad621fab0ef32db5d5e99e1f9878becb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/929c3319e35f9a5b080ddb81b736afe0.jpg
age: 3223521
edge-cache-tag: 304602976658064998707197742646001216556,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 304602976658064998707197742646001216556,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 154
expiration: expiry-date="Thu, 05 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ouest-france.fr/
content-length: 26270
x-backend-name: US_nlb103
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kiad7000169-IAD, cache-iad-kjyo7100070-IAD, cache-fra-etou8220106-FRA
last-modified: Mon, 04 Sep 2023 12:43:57 GMT
server: nginx
surrogate-reporting: width=360,height=200,owidth=1000,oheight=600,obytes=137697
x-timer: S1703181355.460857,VS0,VE0
etag: "fc518caeb4feec47c34e51d103ea165d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1004, 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
712 B 39ms
39ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 12856
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1703181355.250661,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 30
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 6740

GET
H3 200 Img2.png
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 42 KB
42 KB 65ms
65ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/Img2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10f9b865c2ed7f8a10b1c9999cd9b7ef8b625758065fbf581878c5ac2d291fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43400
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 Img1.png
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 27 KB
27 KB 110ms
110ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/Img1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3611618619419c86e858443ee49b1aacf3eab8a34945aa2e791815902c379a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 container.html Show response
ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ABE0 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:53 GMT
expires: Fri, 20 Dec 2024 17:55:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F11-28-2023%252Ft_52a17419e82641a29207816b29a9a0ba_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D4a0323b040c3b168d738610278e73276254d0ff12be8787acfe9fae10a5d333f%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d6f9b2b1d062e31d2371f04bed92cf063b18227986a97d5899de1821603ae5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%253A%252F%252Fdo0bihdskp9dy.cloudfront.net%252F11-28-2023%252Ft_52a17419e82641a29207816b29a9a0ba_name_file_1280x720_2000_v3_1_.jpg%3Fauth%3D4a0323b040c3b168d738610278e73276254d0ff12be8787acfe9fae10a5d333f%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 616273
edge-cache-tag: 483193263609295722467564842728203042199,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483193263609295722467564842728203042199,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1882
req-referer: https://www.nbc29.com/
content-length: 23952
x-request-id: 34bc9acf50996659dc07a2d0ebf59c93
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kcgs7200132-IAD, cache-lga21943-LGA, cache-iad-kiad7000167-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 29 Nov 2023 00:56:31 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=63749,owidth=1200,oheight=600,obytes=51004,ef=(1,13,17,23,30)
x-timer: S1703181355.480775,VS0,VE0
etag: "ae708b4d4387df893c0148a71603e7b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 122, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b3ca6cfa736e74ef0387a247448961e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e96736db1d732e3e9057e427079f528f434d2ba9caf5b3a7adaf788f14f525f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b3ca6cfa736e74ef0387a247448961e.png
age: 4354500
edge-cache-tag: 408883170157711696553231435588959151478,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 408883170157711696553231435588959151478,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 253
expiration: expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gladbachlive.de/
content-length: 38458
x-backend-name: LA_nlb203
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000145-IAD, cache-sna10741-LGB, cache-iad-kcgs7200070-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 23 Aug 2023 13:48:59 GMT
server: nginx
x-timer: S1703181355.490786,VS0,VE0
etag: "48a790f4945d236028851bd987fd9dc1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 31, 1, 7, 2

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame ABE0 23 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 23:00:17 GMT

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame ABE0 109 KB
38 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: www.29news.com
URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
Origin: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 22:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 22:31:35 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ABE0 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABE0 203 KB
64 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 17:55:55 GMT

GET
H3 200 Img3.png
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 48 KB
48 KB 99ms
99ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/Img3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11672cc90a8571586f8849407905402440fe0d5772c804d3213c623d78add561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49543
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 Img2.png
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 22 KB
22 KB 77ms
77ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/Img2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8463c368bb42384b3273515b49ba7a0f83b0c59109368949b05d2fc1d18a2532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22262
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 5 KB
2 KB 97ms
97ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b25c0a5ad0a261ef3447ec8b32ab922aad4a5afae081b7514a68ab4c45bad3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1831
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 17:55:55 GMT
expires: Fri, 22 Dec 2023 17:55:55 GMT
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ABE0 0
26 B 79ms
79ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNGshdjWceU7bg9dkLCSJxnBoSqQsijDUhNqGywSQ1ki5Pk-I46GQSXkKom8XHrFe5nFl6SDgwqULnPCBNI5LWemi9sODY42f_zXKjjIMUYR1u0UfaAO18WZoiMt746YsD5duOSVPJCs2a2WrN5zfyBGAdU1d4axfC5zBrhZ9peiElNzzSDcq6OLjOj1M3lE-wnTvyfkBBHdH-0jblswwam4s8HCXwdBICSQlDL1UAnMvtwzYThli6jTLqX8rfY4PI143DgywBQK2hGAWP-zXerIGLXS6ZNnt-cgzzaNr4-7g2k24sMc3F4P4v5Nk0h0hhjIOFZpdvYxEpc6cxV7wjN44E7_McP547cfbzqsIVW2Rux8Y4v7a6GUOpMF7aNdeDrl-cKNZhYlGiIt2ySYJBcXdFkA&sai=AMfl-YT40rUrz2HwUNShCysj5cTSaLrV1AawOcWLlJP6Fwcn3acc_2aT3LAycCrqCNj0TK12L3t15e3rKS7XXs9XbG_hE0au3mCgXwmlB9Oqi9sjblnVJYaD8edK0TxJPUvJ6LCLcknEr_zp3VIZViOxNF5P&sig=Cg0ArKJSzLIomYZgDy0XEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MEG4YWPOSREY5NTCX5MGFLW4OE.JPG%3Fauth%3D1a1c682ef110a249cda59da0b105b9ef5a60a81afb4690f4073a6f9eb9728f9a%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6985188ba0c71d805b23b36bdaff8334dd568b0fc329aa3ecd32fff95d1f0edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MEG4YWPOSREY5NTCX5MGFLW4OE.JPG%3Fauth%3D1a1c682ef110a249cda59da0b105b9ef5a60a81afb4690f4073a6f9eb9728f9a%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 150562
edge-cache-tag: 591688063279622553830329411376613596948,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591688063279622553830329411376613596948,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 654
expiration: expiry-date="Fri, 12 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.29news.com/
content-length: 29178
x-backend-name: US_nlb104
x-served-by: cache-iad-kjyo7100054-IAD, cache-iad-kcgs7200085-IAD, cache-lga21923-LGA, cache-iad-kcgs7200066-IAD, cache-fra-etou8220106-FRA
last-modified: Tue, 12 Dec 2023 13:46:01 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=51227,owidth=1200,oheight=600,obytes=59499,ef=(1,13,17,23,30)
x-timer: S1703181355.492209,VS0,VE0
etag: "472b785b33bccde7077bd7e1c59a5e13"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 7, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/FSRZVVB7YVGVFC6XJUIOCKNE5Q.jpg%3Fauth%3D8a9c4080e83fda990a27144018e71a95422385d1f5cb29bd10331786a0480934%26width%3D1200%26height%3D600%26smart%3Dtrue
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a4cc67f056cd1014b97865ca712d760b07eb05e7d70c94b9fb276981d3348c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/FSRZVVB7YVGVFC6XJUIOCKNE5Q.jpg%3Fauth%3D8a9c4080e83fda990a27144018e71a95422385d1f5cb29bd10331786a0480934%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 697549
edge-cache-tag: 527283320366768371883734521908033617477,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 527283320366768371883734521908033617477,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 279
req-referer: https://www.29news.com/
content-length: 126448
x-request-id: 29462ada41cc1b28c35f51ad227a866a
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000173-IAD, cache-iad-kjyo7100052-IAD, cache-lax-kwhp1940106-LAX, cache-iad-kjyo7100107-IAD, cache-fra-etou8220106-FRA
last-modified: Sat, 02 Dec 2023 12:16:11 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=163667,owidth=1200,oheight=600,obytes=145518,ef=(1,13,17,23,30)
x-timer: S1703181355.495811,VS0,VE0
etag: "c6f8ec27a2ba24e761abb37c0829db1c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 8, 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ABE0 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvB74DTBOLvqaQnCcVSR9reHnzlrwS6PdkG_tg3CyhHKe8JZRJtOO1a6pp6Q7DgAea3KkHCHZzA_hwFIEFbsWJyIpcrIUT338yLUNVmafdXbwQcXFPYrg9RZFBXeVZyXzREYmhygXhmgT5wOI-VubWQM15ISga57aciEUpdeYMXja-JDb51OkdfSVCusiA23HXrFqdkL9qJd34ABwRpwsvBjMinsC_7jIfhd6VBx37fixI0-yFprzl8UQyiqXJ9SEEF0nkmH4JEKJtrqc8B6YxluGeFg9Oz3hGbTVN7EOXwcHa3TcZrNsQsdz-6XLwxeqVcaA-u874tI79Eqh5YyHQ6ur9rl2Xa9NhZk-Dfkyfxi-VoiaZOAVLfhxxiDOLTF3arSYq4sfJ844sI1spqbFTCRavO0Hzj&sai=AMfl-YQsoD6cwl0J2RRNcNaukkATxlP3XvbVuRdsbGOr0A7WO0vqllPSEUOTrAG-apOK-TQyvRqTkJiw5I9DGd5Av99_d50yWUdQa58qdpoTiL50t-ImpHfy9H3LEK4fXhSPNMpzOBoDOhNHNBFN1iz8aM0o&sig=Cg0ArKJSzGqQaJKD5ICaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 17:55:55 GMT

GET
H3 200 Logo.png
s0.2mdn.net/dfp/477273/5366780345/1700602072674/ Frame FA6A 13 KB
13 KB 67ms
67ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/Logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce9d08d0d744e45e84e8db15b5989ce2456917a4884089b3d3dc934776d37413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072674/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13792
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 Img3.png
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 26 KB
26 KB 77ms
77ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/Img3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5589020ecba3c667a1b5559682489407fb0c43056e8331dfe98d95ca3086db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26937
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 376A 236 KB
63 KB 110ms
110ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 21 Dec 2023 18:10:55 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 32 KB
7 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7df8fe29768906b1fa0a8241b8f75a206eac5e019a856c65aa1a8d8050eda4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7524
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 Logo.png
s0.2mdn.net/dfp/477273/5366780345/1700602072701/ Frame B089 16 KB
16 KB 86ms
85ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/Logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4afb0cde23474761c562ff0e95bd93733d40c58aab20131e177f71c7a89ba49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072701/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16463
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/344d5f0b02e9248fd77a36c9f812305e.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c07c1b7f2e0595a192bb20488e1f4a36c857f0873a5c97d35748094983120bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/344d5f0b02e9248fd77a36c9f812305e.png
age: 2512447
edge-cache-tag: 382100085129334323480471648874047741208,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 382100085129334323480471648874047741208,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 204
expiration: expiry-date="Mon, 11 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.karlsruhe-insider.de/
content-length: 29540
x-backend-name: CH_nlb802
x-served-by: cache-iad-kcgs7200042-IAD, cache-iad-kjyo7100055-IAD, cache-lga21928-LGA, cache-iad-kjyo7100147-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 10 Nov 2023 10:53:30 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=43044,owidth=1920,oheight=1080,obytes=857196
x-timer: S1703181356.555057,VS0,VE0
etag: "4d71cf58e86a683e0e232375605d794d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 73ms
73ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&pid=4yTP8ifa8Q9Z6&cb=5&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-WUfhKmjR-6VUbossXjWswSxlJHS8VPvUNWeqoUc5vXfT02zBeI%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fnews%2Fcharlottesville-albemarle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: H647P8P784FZWZJ978BA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.29news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XQUClvQPXTX0__FRoT-Yn83mRo7Abov2kPn6Fwi4J3D7B3lIfg8q7A==

GET
H2 206 https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1700750584%2Fqhev95eqxmulwzenbkpo.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 699 KB
700 KB 59ms
40ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1700750584%2Fqhev95eqxmulwzenbkpo.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.44 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e9861481d5256d46457786ff60fae0eb9091c0c13f2eb57d0036706fc503eaa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.29news.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=604800
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 17:55:55 GMT
age: 2368995
x-cache: MISS, HIT
Content-Range: bytes 0-715549/715550
server-timing: cld-akam;mitm=f;dur=2882;cpu=71;start=2023-11-24T07:52:38.124Z;desc=miss,rtt;dur=0,content-info;desc="width=712,height=400,abps=70847,fps=30.0,du=10.1,vc=\"h264\",bytes=715550,owidth=712,oheight=400,oabps=115705,ofps=30.0,odu=10.1,ovc=\"h264\",obytes=1168619,oformat=\"mp4\"",cloudinary;dur=2763;start=2023-11-24T07:52:38.175Z,cld-id;desc=06394873abbef3148098d83792652347
Content-Length: 715550
x-request-id: 06394873abbef3148098d83792652347
x-backend-name: fastlyshield--shield_cache_iad_kiad7000153_IAD
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-etou8220106-FRA
last-modified: Fri, 24 Nov 2023 07:52:41 GMT
server: Cloudinary
x-timer: S1703181356.578595,VS0,VE1
etag: "5f8d199dbdd26885fb7904211fba6057"
vary: /video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1700750584%2Fqhev95eqxmulwzenbkpo.mp4
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H3 200 Bg.jpg
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 2 KB
2 KB 66ms
66ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/Bg.jpg

Requested by

Host: ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
URL: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bd7920e641ddc70233b807b2f09ad8fd29b3b75082e94e1a241d3ae6df64b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
814 B 48ms
48ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b3934c83ffbaaff9752461df7cef31486396a3fa9e34b0b2274aaf69c5597254

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
an-x-request-uuid: 6e270629-7fcc-4644-b481-270bd45ab504
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
488 B 91ms
90ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdea1e40897e8d255570e5c6810797147cf8510661b2af03b01b95fd7c4fec82

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpLP%2BndvwPlD14xH91rwf1HnYQSvcw1S7IyN7%2BgJ%2BXbnv9KH1U3LJIFLMBaWQrm5PWLufMvxOdfROzWmw8Sq9%2BUbJefrvH9zkWWMgAIKriX5RyaqoZba8k%2BN7mulJJ75tJ08sOBZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8391ffb0ba394528-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 47ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=885
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 Img1.png
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 34 KB
34 KB 57ms
57ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/Img1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c84a2b7b8c46e95a9cc089b546c8063db9947b98129b37a486de49b99a4cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34376
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 404 B
184 B 466ms
466ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3228451086031574&correlator=43799406135463&eid=31079784%2C31080056%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Cnews%2Ccharlottesville-albemarle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3f16588dab6775f3%3AT%3D1703181353%3ART%3D1703181353%3AS%3DALNI_MbknQu4W2ncEm_WY6Y1YJKvJMtKeA&gpic=UID%3D00000d257a46aeb7%3AT%3D1703181353%3ART%3D1703181353%3AS%3DALNI_MYu-bjhzEiWor8WN4UgNC1lkzsQDQ&abxe=1&dt=1703181355719&lmt=1703181352&adxs=165&adys=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&vis=1&psz=938x173&msz=938x141&fws=4&ohw=938&psts=AOrYGskN1FTBVE4F5eLJiz9f5M3VyXvT6jhjJi8TahThVsiwAppK_AkEMoZmusIaLanryyE3-6AbS16jM8N5uQ_Fx-0qaMY11uFg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsk0NFqvS-ACMIbUS-Za6KRiyAoc4vpd9tkWX_JmKo9oRonPTOdQFrtzI9KvWqEbkkawXeP_z1DuJCCqPJXRVvrxBr7qW3vL%2CAOrYGsn3TTJJ-EGg02Uod1Kjta_9SWL77Zb_-KI0-Btr7JRFp1FiNmdfn4H3NWqrkNjL_dAHq5IqHW4oix8470dLv0mj150rNlES&ga_vid=888579181.1703181353&ga_sid=1703181354&ga_hid=246630035&ga_fc=true&dlt=1703181352436&idt=936&prev_scp=pt%3Dstory%26cid%3DMQZR5OXLYFACBITBRWZT2ZVJ2U%26position%3D3%26amznbid%3D2%26amznp%3D2&adks=154431229&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

761a9a291d76f44c84733321f0f057f60b63821904a66639ea064cbefe4f49e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Img2.png
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 34 KB
34 KB 66ms
66ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/Img2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a087ec3a0fe0f7e349fd0bc6c4d9dcab32e13c0e2cc3fa7377ed17ea377638f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34562
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

GET
H3 200 Img3.png
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 32 KB
32 KB 80ms
80ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/Img3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ee23b76c8529e2489e4b833e1b4c01bd356c8f5425f7fe8c58c234c9e4eeb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32657
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 135ms
45ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.29news.com%2F&domain=www.29news.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.29news.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 21 Dec 2023 17:55:55 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 229579
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 477ms
389ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a000034LEzsAAG&gdpr=0&src=pbjs&ver=7.39.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 45ms
45ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.29news.com%2F&domain=www.29news.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 272322
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
415 B 120ms
40ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 181ms
57ms XHR
application/json 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.29news.com
cache-control: no-cache
x-server: 10.45.22.50
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
419 B 56ms
56ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: c6d24d167e1dd605aa8e459f2eccc1144568c646ca7c4f7119b2c3e650724fed

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.29news.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sat, 20 Jan 2024 17:55:55 GMT

GET
H3 200 Logo.png
s0.2mdn.net/dfp/477273/5366780345/1700602072734/ Frame 376A 13 KB
13 KB 55ms
55ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/Logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce9d08d0d744e45e84e8db15b5989ce2456917a4884089b3d3dc934776d37413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/dfp/477273/5366780345/1700602072734/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 21:27:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13792
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 17:55:55 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 208ms
91ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
182 B 158ms
46ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 203ms
91ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 135ms
39ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a840d24053cf06642c715c9e550a9936ed27045162c9e3d3575f57a1752cb530

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1991 42 B
174 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssr4Rj7ALX7l-vahH4FaJz5QRmN74fSyQ62BzWiajW4O5n8J0BwNXY7kEIuv3Ha0wp07IE-Zrrig2DmC76tn_7-c4qk_irRDJmRqLvJslvaa8tyck8fyvGjmVxZp2VvonM0pv3OJkSEFEBQqgEtVwJDEw&sig=Cg0ArKJSzO3fTScE74SQEAE&id=lidar2&mcvt=1005&p=370,1135,970,1435&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1117252256&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703181354265&rpt=704&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 127ms
94ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 126ms
92ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 429.json Show response
id5-sync.com/g/v2/ 251 B
531 B 120ms
40ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/429.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

903e403e5d4af2e03930fd0c87fa9bc07b7898f87d9002b47a8d77d3dada2c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 39ms
39ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231221-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Thu, 21 Dec 2023 17:55:56 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 2771
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-etou8220106-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1703181356.143236,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 60
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 17993

GET
H2 200 / Show response
pips.taboola.com/ 4 B
122 B 39ms
39ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220114-FRA
date: Thu, 21 Dec 2023 17:55:56 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.29news.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 409ms
136ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=bd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 17:55:56 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ABE0 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAL8SVJrFwZ_6pxkgCrDnJjTNVauNYXsoi-3GAhydOfFlAAQwHdefVHATClT9AoXwO3v7X7XYjogw9Ds0aECkJgTY_4tpGcOuLiausqRn2YikLwF1XRqgfJ1q9pbUXl4ES6cO2vzyyYggKT1D96TgBKg&sig=Cg0ArKJSzJ94OwzdKq11EAE&id=lidar2&mcvt=1003&p=229,436,319,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1177105780&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703181355244&rpt=160&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 48ms
47ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 17:55:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.29news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
301 B 130ms
45ms Image
image/gif 18.65.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1703181357770&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.109&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1703181352768&ns_ts=1703181352767&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1703181352768&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.29news.com%2F2023%2F12%2F08%2Fcrozet-group-knitting-hundreds-caps-newborns%2F&c8=Crozet%20group%20knitting%20hundreds%20of%20caps%20for%20newborns&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-29.ams1.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:55:57 GMT
via: 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 3YXw4NrPpVE0Xj2Lns4ButAXYVgnqZDVZDG-QOmLwYDEPPN1ZffAUQ==

GET
H2 200 a270073146d244d3af1b6b9d9a87cdb3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 43ms
42ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a270073146d244d3af1b6b9d9a87cdb3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fee52d15c4b56bde88358ec80885bc2107189539bfedc88469275e60b617fc0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 21 Dec 2023 17:55:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a270073146d244d3af1b6b9d9a87cdb3.png
age: 4964002
edge-cache-tag: 593737419466893364170807398645161148167,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 593737419466893364170807398645161148167,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 276
expiration: expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://webmail.freenet.de/
content-length: 35098
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100148-IAD, cache-lga21939-LGA, cache-iad-kiad7000127-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 20 Sep 2023 21:11:52 GMT
server: nginx
surrogate-reporting: width=1200,height=666,bytes=59515,owidth=1200,oheight=800,obytes=1280478
x-timer: S1703181360.500786,VS0,VE0
etag: "c43bc1354d65a7e3cf498a8594fcb66e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 2

GET
H2 200 ded00206f9ca6e54006909de792e25bf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 60 KB
60 KB 43ms
43ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded00206f9ca6e54006909de792e25bf.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 048795e411f0f0155e6903d0cdf2a0c2c88de3c34b55f2e1d95fa145d9b64206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.29news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 21 Dec 2023 17:55:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ded00206f9ca6e54006909de792e25bf.jpg
age: 3375229
edge-cache-tag: 617187672665507245472347374174246811893,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 617187672665507245472347374174246811893,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 402
req-referer: https://www.waz.de/
content-length: 61002
x-request-id: c67f257c7ba4ebcadd29187e0c8a74bc
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100060-IAD, cache-iad-kjyo7100091-IAD, cache-lax10622-LGB, cache-iad-kcgs7200104-IAD, cache-fra-etou8220106-FRA
last-modified: Wed, 11 Oct 2023 10:32:44 GMT
server: nginx
surrogate-reporting: width=1920,height=1066,bytes=191371,owidth=1920,oheight=1080,obytes=1227954
x-timer: S1703181360.500782,VS0,VE2
etag: "6a5e7994262fd07e512f115820fa8995"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
120 B 91ms
90ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_9/infra/cmTagINSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.29news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.29news.com
date: Thu, 21 Dec 2023 17:55:59 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 17:49:33	Name: _li_ss Value: CggKBgjdARDkFg
.piano.io/	1970-01-20 17:06:23	Name: __cf_bm Value: WA4VOvBooTuxeusbuMK1JwBJ077AfhBsSePqJ4zhX.0-1703181352-1-AaVkrdrcbhL7Ey/vc3fw0ZbFpMXKfAB0sVnyQKxqf2slk6WBtglLIzt3+YrT6pSWO7HwOwcaixY7l/89oYzu+8I=
.29news.com/	1970-01-21 02:35:09	Name: _cb Value: DR9BiYCnRXGkCqsy8i
.29news.com/	1970-01-21 02:35:09	Name: _chartbeat2 Value: .1703181352921.1703181352921.1.BVNNlTBY2abTCOwvj_DihdQVn6jVM.1
.29news.com/	1970-01-20 17:06:23	Name: _cb_svref Value: external
.29news.com/	1970-01-21 02:35:09	Name: usprivacy Value: 1---
www.29news.com/	1970-01-20 17:49:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.29news.com/	1970-01-20 21:25:33	Name: _pubcid Value: ccf53de3-7704-4196-bf2c-49211820a1f8
.29news.com/	1970-01-21 02:42:21	Name: _ga_LQ23MJC9WT Value: GS1.1.1703181353.1.0.1703181353.60.0.0
.29news.com/	1970-01-20 17:49:33	Name: minUnifiedSessionToken10 Value: %7B%22sessionId%22%3A%220b8b257e80-4ee9dd635a-636e9246d7-ddeed7f74b-78e2d618db%22%2C%22uid%22%3A%22439e646cba-c9bd0bcd46-de0a5623ab-2c3b1e09e9-579779e19f%22%2C%22__sidts__%22%3A1703181353402%2C%22__uidts__%22%3A1703181353402%7D
www.29news.com/	1970-01-21 01:51:57	Name: minVersion Value: {"experiment":853304102,"minFlavor":"Gray Groupmi-scraper-1.17.0.32.js100"}
.29news.com/	1970-01-21 02:42:21	Name: _ga Value: GA1.2.888579181.1703181353
.29news.com/	1970-01-20 17:07:47	Name: _gid Value: GA1.2.1559038338.1703181353
.29news.com/	1970-01-20 17:06:21	Name: _gat_RMD Value: 1
.29news.com/	1970-01-21 02:35:09	Name: _awl Value: 2.1703181353.5-f06e64fe77ed1f2996a9a7c749fbb43d-6763652d6575726f70652d7765737431-0
www.29news.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1703181353584%2C%22visitNumber%22%3A1%7D
www.29news.com/	1970-01-21 01:53:23	Name: pnespsdk_visitor Value: 9su8yswl15tfqmwc
.29news.com/	1970-01-20 17:06:21	Name: _gat Value: 1
.casalemedia.com/	1970-01-20 19:15:57	Name: CMPS Value: 3344
.adnxs.com/	1970-01-20 19:15:57	Name: uuid2 Value: 1100579798774027487
www.29news.com/	1970-01-21 01:51:57	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dbd9a17cd-cfe6-4f8f-b4ad-fd0d22a3b1e2-tuctc7e01a9
.casalemedia.com/	1970-01-21 01:51:57	Name: CMID Value: ZYR8KvLE93RWeOdPB94-jAAA
.casalemedia.com/	1970-01-20 19:15:57	Name: CMPRO Value: 5252
.quantserve.com/	1970-01-20 19:15:57	Name: d Value: EAoBDQHbKrjvsQA
.quantserve.com/	1970-01-21 02:36:35	Name: mc Value: 65847c2a-4e157-11dd3-70359
.ctnsnet.com/	1970-01-21 01:51:57	Name: cid_3feef54b7f9a43148cb1c6c92f8862ac Value: 1
.doubleclick.net/	1970-01-21 02:27:57	Name: IDE Value: AHWqTUnXtpEkXQMBHZCTUbKLPMz0jIW_wLojVSY7VR6gNUBDjW_ASDO_kqS8ysqOb0s
.simpli.fi/	1970-01-21 01:53:23	Name: suid Value: 4343C735FF0B4F99A3C8A6C064786F76
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1sjA0NzcyNjMwMRTiM9TNKnfJjTQpzin2d80BABmL-2glAAAA
.rfihub.com/	1970-01-21 02:27:57	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1sjA0NzcyNjMwMRTiM9TNKnfJjTQpzin2d80BABmL-2glAAAA
.rfihub.com/	1970-01-21 02:27:57	Name: eud Value: H4sIAAAAAAAA__vFyGtobmBsaGFobGpiYmQEACDKt3cQAAAA
.company-target.com/	1970-01-21 02:42:21	Name: tuuid Value: 104596d3-8dc0-472a-91b8-00a470c80a12
.company-target.com/	1970-01-21 02:42:21	Name: tuuid_lu Value: 1703181354\|ix:0
.doubleclick.net/	1970-01-20 17:06:22	Name: test_cookie Value: CheckForPermission
.amazon-adsystem.com/	1970-01-21 02:42:21	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 21:44:16	Name: ad-id Value: A49f3tHY5EPzsWN8-iQ7Vjc
.liadm.com/	1970-01-21 02:42:21	Name: lidid Value: 16d000b8-4b70-4e02-a9d6-4ec13b833102
.29news.com/	1970-01-21 02:27:57	Name: __gads Value: ID=3f16588dab6775f3:T=1703181353:RT=1703181353:S=ALNI_MbknQu4W2ncEm_WY6Y1YJKvJMtKeA
.29news.com/	1970-01-21 02:27:57	Name: __gpi Value: UID=00000d257a46aeb7:T=1703181353:RT=1703181353:S=ALNI_MYu-bjhzEiWor8WN4UgNC1lkzsQDQ
www.29news.com/	1970-01-20 17:06:24	Name: _lr_retry_request Value: true
www.29news.com/	1970-01-20 17:49:33	Name: _lr_env_src_ats Value: false
www.29news.com/	1970-01-20 18:32:45	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-21T17%3A55%3A55%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.29news.com/2023/12/08/crozet-group-knitting-hundreds-caps-newborns/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.29news.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd312.akstat.io
aax.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
ads.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api-esp.piano.io
api.rlcdn.com
apv-launcher.minute.ly
c.amazon-adsystem.com
c.go-mpulse.net
c2.taboola.com
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
config.aps.amazon-adsystem.com
counter.snackly.co
d.adroll.com
d3agakyjgjv5i8.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
ecd4c35a7671db252962dcd7ced2de35.safeframe.googlesyndication.com
euexchangesync.digitaleast.mobi
fiaqjiathaajekqce3ydkaaaczsyi7bk-pmf2el-d684f48e6-clienttons-s.akamaihd.net
fonts.googleapis.com
gray-config-prod.api.arc-cdn.net
gray-config-prod.api.cdn.arcpublishing.com
gray-wvir-prod.cdn.arcpublishing.com
gray.video-player.arcpublishing.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ioms.bfmio.com
js-sec.indexww.com
kd7qozk7mu3ggzmepqva-pmf2el-f52f0093f-clientnsv4-s.akamaihd.net
lb.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
operationchicken.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pm-widget.taboola.com
polyfill.io
powa-ingest-prod-us-east-1.video-player.arcpublishing.com
pr-bh.ybp.yahoo.com
reconditerespect.com
region1.analytics.google.com
rtb.adentifi.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
snippet.minute.ly
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
t.pubmatic.com
tpc.googlesyndication.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
um.simpli.fi
ups.analytics.yahoo.com
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.29news.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.queryly.com
api.rlcdn.com
13.227.219.102
141.226.224.32
141.226.228.48
15.197.193.217
151.101.1.44
151.101.193.108
151.101.193.44
162.19.138.117
162.19.138.119
172.217.16.130
172.64.149.180
172.64.151.101
178.250.1.9
18.65.39.29
18.66.138.185
18.66.218.55
185.64.189.112
185.64.190.82
193.0.160.130
198.47.127.19
199.232.211.52
2.17.22.25
2.19.105.180
2001:4860:4802:32::36
2001:4860:4802:34::178
209.54.182.161
2600:1901:0:4277::1
2600:1901:0:636d::1
2600:9000:20ab:3e00:8:48e:53c0:93a1
2600:9000:2449:b800:18:1fcd:353:c61
2600:9000:2646:fc00:b:5584:2800:93a1
2606:4700:10::6816:49ae
2606:4700:20::681a:bda
2606:4700:20::681a:d56
2606:4700:20::ac43:4a81
2606:4700::6811:180e
2606:4700::6811:c276
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2003
2a00:1450:4001:808::2006
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200a
2a00:1450:400c:c1d::9d
2a02:2638:3::c
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:1b::1724:a389
2a02:26f0:480:18d::11a6
2a02:26f0:480:980::11a6
2a02:26f0:480:c::210:f18b
2a02:26f0:480:f::213:7ecc
2a04:4e42:200::282
2a04:4e42:400::649
2a04:4e42:600::714
2a05:d018:cc3:fe04:1a4f:40b4:84ae:b1d5
2a05:d018:d29:3601:7018:7dc3:a4e8:e820
3.210.129.105
3.228.157.65
3.229.112.134
3.75.62.37
34.199.75.211
34.95.81.168
34.96.71.22
35.186.193.173
35.204.74.118
35.244.193.51
37.252.172.123
52.213.118.96
52.222.175.65
54.194.101.149
54.88.121.69
95.101.54.145
95.101.54.99
00fa20f893accdf6609bbe586aa81c3070fa98b491383689522da598c5a35010
01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a
01ecae2ce741dd849e86f1dac3d1c5003cc24a2d42be8773f6d99d5d45575c70
02466c3c035419a9657824e4d82d61f4f19c3bde2a8e892bff94d5196ce16c0a
038d9bccfdcea26ebf22b124813ce82aef6606c082f8cb7e487ad76a209788a9
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
048795e411f0f0155e6903d0cdf2a0c2c88de3c34b55f2e1d95fa145d9b64206
05d5dca5168fa7a88e420d431eaab7e5c944faa649fef021ecb22907929c63e0
066b4c43703e0fac583d07f0fa802396abad8a1347f327788911f524072d5905
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
085f3999c4a267279e2e6ab24101a9410029b6aafe3374b939dbb8653d0c6004
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a087ec3a0fe0f7e349fd0bc6c4d9dcab32e13c0e2cc3fa7377ed17ea377638f
0ab55d2712e56ad10ea10c4e34827267d960db15108f99a38280795499563314
0bd3579eeaf1e873085949886f97191f13be80d67d7766a8ac927875d4814347
0c5187cc6a477a36cab6a784399fecbbb697fb6a6bc0e3d0a6fa9ff1da679954
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0ee23b76c8529e2489e4b833e1b4c01bd356c8f5425f7fe8c58c234c9e4eeb30
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10f9b865c2ed7f8a10b1c9999cd9b7ef8b625758065fbf581878c5ac2d291fd1
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
11672cc90a8571586f8849407905402440fe0d5772c804d3213c623d78add561
151f6b996cf32b6173b5cce91507a353c7fcf80aed4a778d8d5a2574fdef1f20
189643b703e8b9eee685cdfebdb48515e9c4acad591e486d4d643c4031e24568
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19b4567c452b6930d4bfed55a27a48f3239fb3528d662495755b4d62aa595496
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1a49c241474f6fcf10a482b6a13e69b4312f9e452f64e908b6ff3c794fb81d09
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1b63862eedec7b1ff7fdff3ca9d962baad621fab0ef32db5d5e99e1f9878becb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2173471d2057bf7f6a4f1e832e72dca89b13655ac8fad8780c2c984160d6ec61
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
24d7b5b06e434d95e42be981ab996ef57a262441131afa1239937b5e00afb65c
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
296e75a15fa08321192357d4287228d75cddedfbb35b8511d8e5cd22463fb2a4
29c12d112c9911cae43d9c3d40e837d43ef4a09963528569cc4417d18468024c
2e96736db1d732e3e9057e427079f528f434d2ba9caf5b3a7adaf788f14f525f
33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e
3401ced6f532dabb56bb8885559e3c32d7f1163c1cc10f60c22788be60cd34af
3611618619419c86e858443ee49b1aacf3eab8a34945aa2e791815902c379a0d
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aa4ca6695d8ae0c001c53cc99ff1e93eb5efc8fa8948e6a2577299cdd96f428
3ae9d5299a359368ab3b399a1dd962f499cca47dded0d578e4b1deb938420387
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
40ac0623afafeab3f145d8074502d9aef574eb35ec28fc719f14dd8e5087b788
4144d655236b3d76f29efe361fafabc5a105d33fa5e3d0b52f0c80c833d2dbe5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42c6604b85457b472ca4d4362b5786185c00a44363f0c34f6b8bed6a504c5ca9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450cdbea50d33a3a70ac96eb00516795bdc359dd12d3b5f9e1af5f7a94d642aa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4898194e21038f32b77d621e873217a3e2d330231b652b55821aaaa9b5dfa9a9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4977ca47f80de98d06de8c53b58460c30df07b20dab8dee5c4f9be0b21d3b88c
49da2800a745ccd79fa0495be32c6221c15e109d91e0544caafb129913fe325e
4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89
4bd7920e641ddc70233b807b2f09ad8fd29b3b75082e94e1a241d3ae6df64b6e
4c84a2b7b8c46e95a9cc089b546c8063db9947b98129b37a486de49b99a4cfe5
4cc787b3422de053940d1ff6736ce187fb73b0d47dddd2ecdf2b5c70f6f5f102
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d58903f2b2fcbd3dc9adbe40c77cd0d3926f9d1b96394ad957ece8edffd7a97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8b78c2aa70f6522adbdbd545bfd76e4a659e99a5d6bf389e33d38b63d33109
4f3ad61682ad500c26802c97e1b7367dfb0b71a2e0534299b3bd1f21732e1d66
5062fda3a1a18613a55b5666666df4e244ae1614bc80773f011da56d10d411e2
5212b58cee8799630e2c7aaa58a31368ca5cdbff722dcbff81b60e519dda138f
528e02f0c22bbc258ca12ab35563b74650d81dfc604e5ce3a030cc03c0c29109
5298433734f4cf36853c7eae0161b734a6191b7a557ad26849d598c970616deb
53b988c3d873cd2c0c14d099834524858337e92c5a0a69884f102468a3d469a9
54dba0630e5668ff0b2b8b2f83694029950b9344842e5199e58a227f33ae25e9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58eb11807a0760c15d36291ca18203c79142810a3fc40062f249d36493b96617
5b52d62e49ea4153c0b7204ddf829d6cdab0c33d2ba75acfa5ffdb45f9d4462f
5c07c1b7f2e0595a192bb20488e1f4a36c857f0873a5c97d35748094983120bd
5ca6dc560769be8ceae42b3f0326ffdb9e2e8d70ed7d77fc561602d0228f4654
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
614ed92717f9297ec76775d163a45d9df0db0282485144f5cc4efa1df9511a1f
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66d7b2344b1aef077bbf6359f32faa055b4cba8d9f2d873a6b9cc04330f01749
66f807b4adc100789cbaea28bdd4b71ca60a1999d35d6d675a56f588c97b7e12
68695c601fa95d4bb33373955d52ec3f8a5c0b8233df2019918276a1fe1f55e3
6985188ba0c71d805b23b36bdaff8334dd568b0fc329aa3ecd32fff95d1f0edd
69dd23781bc7bf1732f356b9885cdf722991af8ae7fdc450522529e5d60cc5c1
6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff
6b407b0f6d56031e885d9f606abecaf2453e3a9ef427676c89c0f0cd995b16fe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6cb8130702088124b2c83acf10845c278984c8bd84ca17e22bebd4ebd5aa72e6
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
703e7c411ac19e2fc84358be95709b28c17970570ea9ba5bcd2470256924a4d5
705a0344ba91b225b31594577ec66e98084c564c6fa3842ca6a6e922532da4bb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
761a9a291d76f44c84733321f0f057f60b63821904a66639ea064cbefe4f49e7
77b3b9d0d85cfbb404125756c8028a784d303a08798f75557c47c69f7b2ae24f
790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7d7b187cc67b247dc96e69792c53e7217bf1e1fbeb0828f75961abad573e126e
810d9203d0e7d3abce29279a90ab99c3472a19cd32a7b96a0e83ceca32064aa2
81256243b485bde43a971318444b81f847e21373692370e26c40178472614829
8178adf65407e2bbf4c98e4ff8eab4057f4c65044816377231c5a86d824ff561
8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0
825d6725809a6a6a8b92fa000731e603b6db437bf29f0a2660676a33a5b711a2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8463c368bb42384b3273515b49ba7a0f83b0c59109368949b05d2fc1d18a2532
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
88b32005c1ec31716d19e0f8dbb05cbc666fe3b81ff87747a907af71b41cce5d
893eae8627f763dd720a9e4b4b154f263b1d3ad340396137d9f4c5ef1a655f85
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8cce80146bbbeb6ed455eb29987cd7c45cc2efe447313aa75f8305c647b41916
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da023dacb313554ad2b7cee7c0ff07b8887310911ddcd7af10bfb4f58736f0a
8dbf325c52133238de40978355c8336b6259d555ea6d1866bdf8cf9b923eb384
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f0e0e0a345c71362655aec8ec60b105bc69e4e846351623ba7fa7b60884c4d0
903e403e5d4af2e03930fd0c87fa9bc07b7898f87d9002b47a8d77d3dada2c26
91c3a1477658a031f6abcd5b71fddaa2774e3284976ca2240440eda8f37069a0
92ed521949fc4f78131e3076ddae64bf311c6da4b844419d8a0f7c1ee3bc2b3d
9388846167132174c6dc900a3f0353b4c3c16e95f6cd715de708b2a879eab7f7
93d1f821e124e2dfc72197cb816ba57fae501faa2717478c4d0a07c83de081f6
93dfbe7a61ac42cd35fb8489d1c3bfd5a4ae2660a29a1111eb0f906c05115956
960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0
964331b5d63effd3d07e07a8b95d9952fa639ec107239ad121234b47abd97692
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
986cb62d07143c81a180e9a89acca4ab436bca216830be89a61765af21e692ee
9904e7968b2357f70ee7ebdd08d6a7f1816d70249b82c447b6f4710e0fb0f7b5
9ad1bdac24ea6e213f86e8b70336ef3ca5304faa3f217ee2793a61b0d5fa58cd
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c80678132c31756a257203eba3f9a922fd8c5b7b974b9cbc9ab64a5b6e23a86
9cc9cc259a52808ef6cfeeca1e7a2c1d4c84ee3248150350f24c41d5e1453d21
9f4698460ba3c33e8dd4dfe33177505e5f7f741b5e3fc49bec24d6c336c76583
a083ba905e5339d8691a6620b8569d11d306bf961c5c78f938633913920086f4
a15bc87b6a312852f56b3a067ddd636fd4cec4c41005be8dd7a8f68883e084e8
a1a13e29fab1da43215d2816a70443dc4086b72d1284c8efc7fc60824c2ae59f
a1ce2ebc5559dd55f9d1b9aeb0df3d567623fb2ab8c25358d5c47eaaebfc7642
a3a0e64f0cfce11a752e3dbff9b830977805611fcdd690479f49fa7a7c590b58
a3c3fff679893fcfe09b9d05125eccda5fc6c254c8388299d30859ba9d86f7f5
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4cc67f056cd1014b97865ca712d760b07eb05e7d70c94b9fb276981d3348c6f
a840d24053cf06642c715c9e550a9936ed27045162c9e3d3575f57a1752cb530
a91fed9ab29104934dd68b7678ff24d12db069abb8b88687988dc3148055bb9c
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab1a6a9428cd4b61a2e2f87ad0006b31bde0742bab5fb0eef41da0d41c43d022
ab5589020ecba3c667a1b5559682489407fb0c43056e8331dfe98d95ca3086db
acb4a3274998a2fdb4829e8ce1084625759b64d662458c204077ff0c502f6aca
accaceb4846ad583d1dc334d4bf843ce576b0f12359988cd0f7d316aa37813d2
ad52d77adac2495edc9ed949213592b8ea71fa9ecc589832fd0e36270ea4d9f1
ae2e26dd5055b20d2b55e5efec136e5da433dc3a75df7d266467bb93c998f33f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b124870224b6762e63a7d41a56096bb8effd0702454202495b0cfd4316f61ec0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25c0a5ad0a261ef3447ec8b32ab922aad4a5afae081b7514a68ab4c45bad3e6
b3934c83ffbaaff9752461df7cef31486396a3fa9e34b0b2274aaf69c5597254
b4b72c7ba22a431dac1a657492acfddfd91bf9fbc71c6c61213cce089ee58714
b4e9d82a4257a979307aa20b04a13fabb144d93647ed18e30085be4302517643
b697e8278f943c58dac1898b620bbee48477c30cf7a2ba117a29a38a1f06c324
b8561de28162e46c4f8c8fed9e5462f833c6e6eeef9fc25e002a6cfe13251114
ba470797eae0d255a4ff5dc4fc8c1fdf3e9258d69b63ec88e11d516668b2f3f6
bcbe444cd040c8743cb06bfc39a94f8969129572d045cf8dd9e959355d383974
bcbedbe279a0cec2c07f1ef374dc08d00c76d30cd2a9138f1a5b9ca7331f0ca0
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c00924738e54e5638d69595bd2d5b0322f6b0b246762dae6bccae7f0b2b62074
c038356f5dd062dc662f8b140c3fe86b5f1726ccc4c83edfc2022c02f6adc356
c0e389ee38bf3300bf233b2b74311fd4ff5f05dafab64221a1efcd91d08d8c50
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c23b30bfbc0bd812419c64c97f1dec5597f32dbe3e93ba7f811baabbad683e0f
c314a5902c8a2837b5dc12afb0cbf5533d145f71f0146e26c87cdd180c57e997
c63c9ec62861ab2e86c12aa717e568126cf51054db9549b0f25d572fc51ae58c
c6d24d167e1dd605aa8e459f2eccc1144568c646ca7c4f7119b2c3e650724fed
c8d36727b33c7e53f5e856a10288542c2e232484bf9108649155a8d0c4050a2f
ca0797979b9b0f0f5229c97d01e91d6a8231997db2ef82f39c066cad10e29b67
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca76ab4fec5ea3151efaf32f5b85ea7b30070e2b89438954d47728d6e243f705
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ce9d08d0d744e45e84e8db15b5989ce2456917a4884089b3d3dc934776d37413
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d45bcc295355e0fc981777b1326ea5b5bc1e2b57ce0293f24c42d9b16f74738a
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
d6f9b2b1d062e31d2371f04bed92cf063b18227986a97d5899de1821603ae5ba
d7b3d8230172df076ebf63390c12d9a422652db2806b14d02c9bb7f6f982a078
d7df8fe29768906b1fa0a8241b8f75a206eac5e019a856c65aa1a8d8050eda4c
d8c1cd30b8d688d8c55a18a8c18a83e91872d8ef631c9c8cb467bd099238fcf1
d93036adeac11cb74bc02c4a7d1e54d4998ff1c87cda841f7ec7c39a3bfa786d
da956cd20c0ce066a1989a1dba2de8d8d789c4396bf4bc450e24ee00a9760779
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
dbbb9e9c147208dceafb824ca1bb07efeab0122fb9561e3320ec773eaa655fa2
dc321b856433aed192a3c40bcdf0c2177c5bf2a9a9d40e23d464d2da34f23d49
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e34791099157cc89185c8d4ec8a826121203a77a0f0cb0f119c0ae29a71ffb8f
e3584b55397071ae064f8f4e86691e47933538138e2d2b1966d8283cdf138257
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4afb0cde23474761c562ff0e95bd93733d40c58aab20131e177f71c7a89ba49
e4ec14e4646953ab750a8addd2eebfe53482197db38b9f84dc4dc89fea273ec0
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e82c4334163acb13a271f826d1b88fe14323dab878a8f56c8aa90f90ca5dc747
e8572fefb683e35223c355e9d33dd17f55bf251507acb71bebabd7624de6911c
e9861481d5256d46457786ff60fae0eb9091c0c13f2eb57d0036706fc503eaa9
ea2ec1868074d302065374e80d6aa958631aa33b8071c27cc60868c7b8b948ae
ec1cdd7ca3cc1a2b1ad4e76d425691cb0e7e4fc64cdc540772a17ba07f319fdf
ed3e82982709c80b6c44ba9d0657462f258df046c52409702e5f3f06ccdcfd51
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ef101d087ba651634657546645af2d3d6000769a0987a8fe58c0055c45708f5a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50a6c5488351116c150e488dcef816ae863410a9aafc88245343cf069117eee
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb
fa47780143a54c056a03fed58a8b7eb0e99c340b9b6b6a3409f360912e6a06d0
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fdea1e40897e8d255570e5c6810797147cf8510661b2af03b01b95fd7c4fec82
fe663eec60a09befbe1ead3fbd8efea2cb0f4eceac379cf812c5e8f39bfe721b
fee52d15c4b56bde88358ec80885bc2107189539bfedc88469275e60b617fc0b
ff54f31beb950fd0a5e86afd8fce08a77f6540224794971024ab7ab7b7e041aa

www.29news.com Open in urlscan Pro 2a02:26f0:480:f::213:7ecc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

371 Requests

94 %HTTPS

48 %IPv6

56 Domains

97 Subdomains

71 IPs

7 Countries

7622 kBTransfer

19017 kBSize

42 Cookies

59 Outgoing links

Redirected requests

371 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.29news.com Open in urlscan Pro
2a02:26f0:480:f::213:7ecc Public Scan

Screenshot
Live screenshot

Full Image

371
Requests

94 %
HTTPS

48 %
IPv6

56
Domains

97
Subdomains

71
IPs

7
Countries

7622 kB
Transfer

19017 kB
Size

42
Cookies

371 HTTP transactions
0 data transactions