www.14news.com Open in urlscan Pro
2a02:26f0:480:f::213:7ec8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1...
Effective URL:
https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Submission: On January 12 via api (January 12th 2024, 10:58:23 pm UTC) from US — Scanned from DE

Summary HTTP 348 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 72 IPs in 8 countries across 60 domains to perform 348 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ec8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.14news.com. The Cisco Umbrella rank of the primary domain is 252979.
TLS certificate: Issued by R3 on January 12th 2024. Valid for: 3 months.

This is the only time www.14news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::ac40:95a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:26f0:480... 2a02:26f0:480:f::213:7ec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a02:26f0:480... 2a02:26f0:480:c::210:f18e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
3	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:209... 2600:9000:2090:8e00:b:5584:2800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:244... 2600:9000:2449:3200:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:c56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
5	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700::68... 2606:4700::6811:c376	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
80	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	18.238.243.122 18.238.243.122	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2600:9000:20a... 2600:9000:20ab:8c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.235.12.81 34.235.12.81	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	199.232.211.52 199.232.211.52	54113 (FASTLY) (FASTLY)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:184::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:ada	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 11	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
8 37	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2606:4700:10:... 2606:4700:10::6816:49ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:6... 2600:1901:0:636d::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
8	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.30.16.183 184.30.16.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
8 8	23.22.230.241 23.22.230.241	14618 (AMAZON-AES) (AMAZON-AES)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
13 14	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 2	54.229.214.219 54.229.214.219	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1	50.16.139.245 50.16.139.245	14618 (AMAZON-AES) (AMAZON-AES)
1	18.197.244.187 18.197.244.187	16509 (AMAZON-02) (AMAZON-02)
3 4	2a05:d018:d29... 2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.160.19.107 34.160.19.107	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	104.115.82.16 104.115.82.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.204.155.173 34.204.155.173	14618 (AMAZON-AES) (AMAZON-AES)
1	18.238.243.59 18.238.243.59	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
20	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 1	54.195.229.193 54.195.229.193	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.27 13.227.219.27	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	52.51.166.94 52.51.166.94	16509 (AMAZON-02) (AMAZON-02)
1	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
4	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	18.239.83.126 18.239.83.126	16509 (AMAZON-02) (AMAZON-02)
348	72

2 2606:4700:4400::ac40:95a5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csv9f04.na1.hs-sales-engage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.14news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:480:c::210:f18e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-wfie-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2090:8e00:b:5584:2800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3agakyjgjv5i8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2449:3200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.queryly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-122.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ab:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.12.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-12-81.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:1b::1724:a39b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-config-prod.api.arc-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.211.52 (United States)

ASN54113 (FASTLY, US)

apv-launcher.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ada (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 172.64.151.101 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:49ae (United States)

ASN13335 (CLOUDFLARENET, US)

counter.snackly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

operationchicken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.22.230.241 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-230-241.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.18.98 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.214.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-214-219.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.71.22 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.139.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-139-245.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.244.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-244-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.19.107 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.115.82.16 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-115-82-16.deploy.static.akamaitechnologies.com

gray-config-prod.api.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.155.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-155-173.compute-1.amazonaws.com

powa-ingest-prod-us-east-1.video-player.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-59.ams58.r.cloudfront.net

gray.video-player.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.229.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-229-193.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-27.ams54.r.cloudfront.net

boadedshedisite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.166.94 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-166-94.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-126.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
107	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 c2.taboola.com — Cisco Umbrella Rank: 7279 pm-widget.taboola.com — Cisco Umbrella Rank: 3284 trc.taboola.com — Cisco Umbrella Rank: 646 vidstat.taboola.com — Cisco Umbrella Rank: 3158 am-trc-events.taboola.com — Cisco Umbrella Rank: 14648 images.taboola.com — Cisco Umbrella Rank: 1693 wf.taboola.com — Cisco Umbrella Rank: 2974 am-vid-events.taboola.com — Cisco Umbrella Rank: 15154 imprammp.taboola.com — Cisco Umbrella Rank: 15384 am-match.taboola.com — Cisco Umbrella Rank: 15903 sync.taboola.com — Cisco Umbrella Rank: 1289 vidstatb.taboola.com — Cisco Umbrella Rank: 4631 pips.taboola.com — Cisco Umbrella Rank: 1652 cds.taboola.com — Cisco Umbrella Rank: 1817	2 MB
37	casalemedia.com 8 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 478 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 r.casalemedia.com — Cisco Umbrella Rank: 1743 dsum.casalemedia.com — Cisco Umbrella Rank: 1367	23 KB
35	googlesyndication.com 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	494 KB
33	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	273 KB
19	arcpublishing.com gray-wfie-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 223992 gray-config-prod.api.cdn.arcpublishing.com — Cisco Umbrella Rank: 22868 powa-ingest-prod-us-east-1.video-player.arcpublishing.com — Cisco Umbrella Rank: 18935 gray.video-player.arcpublishing.com — Cisco Umbrella Rank: 32267	410 KB
13	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 acdn.adnxs.com — Cisco Umbrella Rank: 598 secure.adnxs.com — Cisco Umbrella Rank: 490	44 KB
13	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 535 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 image6.pubmatic.com — Cisco Umbrella Rank: 805 t.pubmatic.com — Cisco Umbrella Rank: 3180	183 KB
12	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395 s.amazon-adsystem.com — Cisco Umbrella Rank: 326	80 KB
9	piano.io api-esp.piano.io — Cisco Umbrella Rank: 12543	29 KB
8	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	3 KB
8	liadm.com 8 redirects i.liadm.com — Cisco Umbrella Rank: 550	5 KB
8	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644 cdn.indexww.com — Cisco Umbrella Rank: 1576	6 KB
8	14news.com www.14news.com — Cisco Umbrella Rank: 252979	554 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	254 KB
7	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	1 KB
7	criteo.com gum.criteo.com — Cisco Umbrella Rank: 423 dis.criteo.com — Cisco Umbrella Rank: 608	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
3	snackly.co counter.snackly.co — Cisco Umbrella Rank: 5530	369 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	adsafeprotected.com 1 redirects static.adsafeprotected.com — Cisco Umbrella Rank: 721 pixel.adsafeprotected.com — Cisco Umbrella Rank: 851	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	227 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1685 mab.chartbeat.com — Cisco Umbrella Rank: 2582	26 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	198 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	946 B
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 84818	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 841	1 KB
2	company-target.com 2 redirects s.company-target.com — Cisco Umbrella Rank: 1515	726 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 853 id.crwdcntrl.net — Cisco Umbrella Rank: 2323	700 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	1 KB
2	operationchicken.com operationchicken.com — Cisco Umbrella Rank: 18354	877 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	minute.ly apv-launcher.minute.ly — Cisco Umbrella Rank: 4613 snippet.minute.ly — Cisco Umbrella Rank: 7277	40 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1389 c.go-mpulse.net — Cisco Umbrella Rank: 624	50 KB
2	reconditerespect.com reconditerespect.com — Cisco Umbrella Rank: 24122	29 KB
2	queryly.com www.queryly.com — Cisco Umbrella Rank: 10771	9 KB
2	cloudfront.net d3agakyjgjv5i8.cloudfront.net	87 KB
2	hs-sales-engage.com 1 redirects csv9f04.na1.hs-sales-engage.com	3 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 177	300 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	274 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1517	250 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 13028	1 KB
1	boadedshedisite.com boadedshedisite.com — Cisco Umbrella Rank: 100153	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 626	309 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 843	425 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1683	348 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579	514 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 35110	270 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1259	35 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1161	372 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 4100	444 B
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	arc-cdn.net gray-config-prod.api.arc-cdn.net — Cisco Umbrella Rank: 22347	4 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1396	201 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1365	619 B
0	rlcdn.com Failed api.rlcdn.com Failed
348	60

	Domain	Requested by
51	images.taboola.com	www.14news.com
21	dsum-sec.casalemedia.com	4 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.14news.com csv9f04.na1.hs-sales-engage.com www.googletagservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
15	cdn.taboola.com	www.14news.com cdn.taboola.com
15	gray-wfie-prod.cdn.arcpublishing.com	www.14news.com gray-wfie-prod.cdn.arcpublishing.com
14	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net
13	am-trc-events.taboola.com	www.14news.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net csv9f04.na1.hs-sales-engage.com tpc.googlesyndication.com
12	securepubads.g.doubleclick.net	www.14news.com securepubads.g.doubleclick.net csv9f04.na1.hs-sales-engage.com www.googletagservices.com pagead2.googlesyndication.com
10	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com ssum-sec.casalemedia.com
10	ib.adnxs.com	1 redirects ads.pubmatic.com acdn.adnxs.com googleads.g.doubleclick.net
9	api-esp.piano.io	www.14news.com code.jquery.com api-esp.piano.io
8	i.liadm.com	8 redirects
8	www.14news.com	csv9f04.na1.hs-sales-engage.com www.14news.com
7	s0.2mdn.net	csv9f04.na1.hs-sales-engage.com s0.2mdn.net
7	match.adsrvr.org	ssum-sec.casalemedia.com imprammp.taboola.com am-match.taboola.com ads.pubmatic.com
6	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	trc.taboola.com	cdn.taboola.com www.14news.com
5	ads.pubmatic.com	www.14news.com ads.pubmatic.com
4	t.pubmatic.com	ads.pubmatic.com
4	ups.analytics.yahoo.com	ssum-sec.casalemedia.com imprammp.taboola.com am-match.taboola.com
4	pr-bh.ybp.yahoo.com	3 redirects ssum-sec.casalemedia.com
4	cdn.indexww.com	ssum-sec.casalemedia.com
4	dis.criteo.com	ssum-sec.casalemedia.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	js-sec.indexww.com	ads.pubmatic.com
4	htlb.casalemedia.com	ads.pubmatic.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	sync.taboola.com	imprammp.taboola.com am-match.taboola.com
3	www.googletagservices.com	securepubads.g.doubleclick.net csv9f04.na1.hs-sales-engage.com
3	counter.snackly.co	snippet.minute.ly
3	hbopenbid.pubmatic.com	ads.pubmatic.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	gum.criteo.com	cdn.taboola.com ads.pubmatic.com
3	www.googletagmanager.com	www.14news.com www.googletagmanager.com
3	c.amazon-adsystem.com	www.14news.com c.amazon-adsystem.com
3	cdnjs.cloudflare.com	www.14news.com cdnjs.cloudflare.com
2	id5-sync.com	ads.pubmatic.com
2	skydeutschland.demdex.net	1 redirects 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	csv9f04.na1.hs-sales-engage.com
2	googleads.g.doubleclick.net	csv9f04.na1.hs-sales-engage.com pagead2.googlesyndication.com
2	am-match.taboola.com	vidstat.taboola.com
2	imprammp.taboola.com	www.14news.com vidstat.taboola.com
2	am-vid-events.taboola.com	www.14news.com
2	wf.taboola.com	vidstat.taboola.com
2	powa-ingest-prod-us-east-1.video-player.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
2	c1.adform.net	2 redirects
2	p.rfihub.com	2 redirects
2	s.company-target.com	2 redirects
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	acdn.adnxs.com	ads.pubmatic.com
2	51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	operationchicken.com	reconditerespect.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	static.adsafeprotected.com	www.14news.com 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
2	reconditerespect.com	www.14news.com
2	www.queryly.com	www.14news.com
2	static.chartbeat.com	www.14news.com
2	d3agakyjgjv5i8.cloudfront.net	www.14news.com d3agakyjgjv5i8.cloudfront.net
2	csv9f04.na1.hs-sales-engage.com	1 redirects
1	sb.scorecardresearch.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	www.google.com	tpc.googlesyndication.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	m.exactag.com	51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
1	boadedshedisite.com	www.14news.com
1	pixel.adsafeprotected.com	1 redirects
1	vidstatb.taboola.com	www.14news.com
1	fonts.googleapis.com	cdn.taboola.com
1	gray.video-player.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	gray-config-prod.api.cdn.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	b1sync.zemanta.com	1 redirects
1	ad.turn.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	euexchangesync.digitaleast.mobi	1 redirects
1	secure.adnxs.com	1 redirects
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	trace.mediago.io	1 redirects
1	cm.ctnsnet.com	1 redirects
1	r.casalemedia.com	ssum-sec.casalemedia.com
1	sync.crwdcntrl.net	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	www.google.de	www.14news.com
1	region1.analytics.google.com	www.googletagmanager.com
1	snippet.minute.ly	apv-launcher.minute.ly
1	c.go-mpulse.net	s.go-mpulse.net
1	apv-launcher.minute.ly	cdn.taboola.com
1	gray-config-prod.api.arc-cdn.net	d3agakyjgjv5i8.cloudfront.net
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.14news.com
1	code.jquery.com	api-esp.piano.io
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	s.go-mpulse.net	www.14news.com
1	c2.taboola.com	www.14news.com
1	polyfill.io	www.14news.com
0	api.rlcdn.com Failed	ads.pubmatic.com
348	104

This site contains links to these domains. Also see Links.

Domain
www.rivercityweekend.com
closings.gdm-connect.com
www.circleallaccess.com
www.investigatetv.com
www.graydc.com
gray.tv
www.vuit.com
www.facebook.com
www.twitter.com
search.onetag.com
popup.taboola.com
trck.tracking505.com
rethinkstyle.com
bredings-person.com
gosearches.net
shefence-citional.com
boadedshedisite.com
q9qrfj.zbrjtstrclnm.com
tummytuckhipo.com
boiteascoop.com
track.eternal-track.com
www.smartworldmag.com
clickbeat.xyz
goodhype.com
track.perpetual-track.com
rfvtgb.journalistate.com
trk.talice-valence.com
www.daily-choices.com
publicfiles.fcc.gov
webpubcontent.gray.tv
wfie.graydigitalmedia.com
www.queryly.com

Subject Issuer	Validity	Valid
hs-sales-engage.com Cloudflare Inc ECC CA-3	`2023-05-23` - `2024-05-21`	a year	crt.sh
gray3.web.arc-cdn.net R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2024-01-08` - `2025-02-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2024-01-11` - `2024-02-10`	a month	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
reconditerespect.com R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
api.arc-cdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-03-24` - `2024-03-25`	a year	crt.sh
*.minute.ly R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
operationchicken.com R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-01-10` - `2024-06-26`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.api.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2023-05-02` - `2024-05-12`	a year	crt.sh
*.video-player.arcpublishing.com Amazon RSA 2048 M02	`2023-11-15` - `2024-12-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
boadedshedisite.com Amazon RSA 2048 M02	`2023-11-28` - `2024-12-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Frame ID: DFEC497197F37166C7AFFF958A3E347A
Requests: 222 HTTP requests in this frame

Frame: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5625ACBE821548EECC8B74825E9D9593
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 9155F6714A07C27DF094EBD2B1142566
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4EC3755747E230699FB551E435189F5D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5C74C9746FE8642CDEB9CC0A5E06FF44
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9C87E7D1EA6334AAABCD54E3E2102EBE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 6D83817396DE3E0DDFBC4CA5836BB148
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E54198AC846A30A3FC08C713E7B68089
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DEE7D24588AD96BAB38AE19A49517513
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 48DDDF3007B977715A4C679E4BC8CDC3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 6B476915847A250F62D85FC3ED69DA08
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9D47023537342126F9D95E1C347AE78E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: ED94F9962A3AF46027B21BEF4CCC7839
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 7E839BD419DC62C9A0D1B3554E7FF7C6
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3D3CD355505E056D19FEC36969BCBBD6
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusgYNP48CjWoKBouVHMvRyu22-R5jGlcwSx_CNM1FdTm6FWf3A-0z6PJeYJ34tK8laySX_kkCg4neWiz1JJpIqKZOS1RRF0cC1I1-bRNlZvHuWESYtEWk_Vd8ypOzTLwPXruknxKI2DUlIeSRiouOFaLJIi-GcZG6tjuDrPvCC0OfqGpgIq3gGXfQrrrXDytOUM18zW77OmW0dsiYMBpOJ6G-p1i704P3BlXpYImYPouKQL6qkXPSW2jWbNtV3X1b4vFtpFlYElZFSfLVhkpHcggSdztOuPfNJ1Lyy4tPcorRRHJRqZDGOr6cvnPbvS3mrOFsMvfoZIrljKRBq7I-zTbmVUJ-QjIj7KKWTO9m8hwm2SsfY6WGR_s5flmWJAaatvA&sai=AMfl-YT38q9nToGOO3Cd0NhgCJpGI9ramlo4N8_TOucN02zkJqyizf2jkAZSyL4qqu_JilCQUxCaySpuWZoPgb6EpzFbobK6owk1Z2mmS7eA_8J7sjkrosbeIKKIrAYmJIuIsg0fEr_F83bV4WKx1Ned_d6_&sig=Cg0ArKJSzDef-KeppLskEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 77B904A7C0238E5F9AD0A55AA89F0950
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszUz85dH1G7ji-T6OfM6akHZv3otBV-LtmJ0NFNnC3AQzO0k4K32cdFfz_gUfoeV5i7KCuhE7wnaYBEW3xn888S3HNxgf2cXRpl9cmgqpN4-SRKytZ_ad1ESRTV730ezrizkk1I51k23AzHzdEIXZ02z95XQna7ccYKUAc3xR7YeyUrvZQOkdtcPoteATbYHQ5BPVptYF8mVASe7ZLe4MsF4HAd82xS0Cnp9AUzwRH_Bk_5m8av5Qo0zWxRQjVmQYUbFtnI4_XbnDS_otH-rIHnfsLd2F_HpShm-xQZD-twTsy3LHHRwoG2ndgGneqh9dE__1znxdBrbipMi2fpiO3VOuNgnxKUr-b2cfEFim3BHQo8OA0pxWA9UDu6Kc4lPszoQ&sai=AMfl-YT-sPN3e8xrSz05SR406o3e-rXfr_h9jx2z_LSxQI7tO7YgCO99nDkhj1vCp84GSdhYKYNFPG1jHRnUf-WaxQfquIhznF6mXwW-xlpjQt5xFLRW_4s1ojGA90PvyX2_5eFqhYfadtUif7_i_9vv2TAk&sig=Cg0ArKJSzHKS52zspTTlEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 052DA67011C6BC5B255544094BCAF722
Requests: 6 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&cmcv=&pix=undefined&cb=1705100296922&uv=3373&tms=1705100296922&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!ufm!video-reel_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=ccef71ba-4f7a-4ca2-b680-b0897bc62a3b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: F487146238CC6AF1B97BF7CB41CC47D8
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3ECB20C4F311232F37FBFE2B6DBD4EE7
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunGD7_rJEiL2UfTw9f63XrlYbMGT9G3gbKHqiYMYdpN_Ew1ECxqkYtffOrMR4JEUG93U-tTC5scPxCOdDnLSyke6zkdkNLX1kl0hv5GqvIvmDmMqQnJayiPWNf7db37X8LKFCTOJgAj65UJyJ-cvrBupiAvzcTWhVWiGEKFMeLlkhtBNeBYXI8b7wairLMVlipQGrkkeyB66U2fjGHxY7ZYpZMwTMzD7MPzB9WPU9VN8kJxnJ0IChR-QIgdpPgfWkOlrlTOPBCLiwFSsV5_Zewf_jk33ef4SaMRX2E5bWc3fGQNLyZG09mcRPHaXGZSVQt-6USnvb6Gm4evIBhOHME3nBdJ9fItC9eSyVGqv5UXBZHVTAeOUqJVzfP9unZiVvqWA&sai=AMfl-YSxmt0xr6uyoHLje-uIF66yQoEAHaAsl5V09o805pWvofc1wn638vOR8R25hRKwAS7cMYMMjXoRNRjWeptYSHp-IT4DajHHBjVlMDnOSZ37qyiLLjFylhUJ0IFycyOGpotyNcIQPYMhqyGWa2gGaQg&sig=Cg0ArKJSzDqgzb_eKj4fEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9D610F4E639577875737742CE2F2B547
Requests: 7 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 168F552A486F6988DBE0A722A0A2BFDC
Requests: 4 HTTP requests in this frame

Frame: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6682A793C5EAA90FF42718A214C0E3E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNVoVQ9puWQkCwfX0Ef21ZZ1tAiMjkEPtN2X7kinOMYVPwOWNLAGALoFCDe6uMvW6UDZI_yRhgp5RoHI1c1GiXpL_qBLRjGyOB63Gw36AVvG16d63-ELCONBaLWp4qrA30cE38EVL-wqIOt9ex6ol8o6wzGSRG7dR6RPFK2CxgzgMyDzcNI
Frame ID: 09453EE8E9993575AACFA2330EC84C03
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9B40D0CC1AF675060AAE1CC5601343C9
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BFD9C1DF41C6F67765C32D02CAE5F52A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
Frame ID: 275BB21369B1683DA4196079FB746B10
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 03E1B9BE3947A5A437458884B59D9F81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FB86F82C53717F22AB73AAB10B90E64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bally’s loses $212K in construction scam, police sayShare on FacebookEmail This LinkShare on X (formerly Twitter)Share on PinterestShare on LinkedInGroup 3Group 3Group 3Group 3

Page URL History Show full URLs

https://csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2... Page URL
https://csv9f04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wd... HTTP 307
https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

348
Requests

90 %
HTTPS

41 %
IPv6

60
Domains

104
Subdomains

72
IPs

8
Countries

5165 kB
Transfer

14028 kB
Size

62
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rivercityweekend.com/
Title: River City Weekend

Search URL Search Domain Scan URL

URL: https://www.rivercityweekend.com/?_ga=2.250328704.725753753.1620146109-1705495482.1620146109
Title: River City Weekend

Search URL Search Domain Scan URL

URL: https://closings.gdm-connect.com/login
Title: Closings Admin Login

Search URL Search Domain Scan URL

URL: https://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://gray.tv/careers#currentopenings
Title: Jobs at 14 News

Search URL Search Domain Scan URL

URL: https://www.vuit.com/live/17261/wfie/vod/
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/14news

Search URL Search Domain Scan URL

URL: https://www.twitter.com/14News

Search URL Search Domain Scan URL

URL: https://search.onetag.com/search
Title: Best anti virus software | Gesponserte links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-14news&utm_medium=referral&utm_content=thumbs-feed-01-a-text-over:Below%20Article%20Thumbnails%20New%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-14news&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20New%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/b9a812fa-05f3-4946-bf45-422fe74fa70d
Title: Tragbare Treppenlifte | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://rethinkstyle.com/trending/an-diese-legendaren-stars-erinnern-sie-sich-nicht-mehr-doch-sie-sind-am-leben-und-treten-immer-noch-auf-11-tb-martinschneider-210
Title: Rethink Style

Search URL Search Domain Scan URL

URL: https://bredings-person.com/f7736266-1593-4e7c-a15f-170d64b3724b
Title: Tinnitus Research

Search URL Search Domain Scan URL

URL: https://gosearches.net/index.php
Title: GoSearches

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14
Title: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://boadedshedisite.com/071ab26f-7129-4e9b-ad2d-e18a9143f72d
Title: Verlassene Häuser | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://q9qrfj.zbrjtstrclnm.com/
Title: Holzhäuser | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://tummytuckhipo.com/trending/die-wunderschonen-frauen-der-vergangenheit-was-machen-sie-heute-2-jutta-speidel-tb
Title: Tummy Tuck Hippo

Search URL Search Domain Scan URL

URL: https://boiteascoop.com/trending/einst-rund-nun-rank-promis-und-ihr-beeindruckender-gewichtsverlust-2-tb-manuela-wisbeck
Title: Boite A Scoop

Search URL Search Domain Scan URL

URL: https://track.eternal-track.com/f4c0d4c2-dc66-41f8-b21c-3213cdde2bc3
Title: Beste Gesichtscreme | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://www.smartworldmag.com/de/38880/
Title: SmartWorldMag

Search URL Search Domain Scan URL

URL: https://clickbeat.xyz/cf/r/658b06ff927f0e00120ef0d7
Title: Elektroautos für Senioren

Search URL Search Domain Scan URL

URL: https://goodhype.com/trending/promis-bei-ihren-abnehmversuchen-so-lassen-sie-die-kilos-purzeln-mwwlfzdetb
Title: Good Hype

Search URL Search Domain Scan URL

URL: https://track.perpetual-track.com/895976a9-30d1-452f-9b23-e24bf26542b2
Title: Fertighäuser | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://track.perpetual-track.com/2fade97d-ce43-4949-905e-1fec9c42cc58
Title: Senioren Elektrofahrzeuge | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://rfvtgb.journalistate.com/worldwide/auto-hacks-autobesitzer-cp-ta-ge
Title: Journalistate

Search URL Search Domain Scan URL

URL: https://trk.talice-valence.com/ccb34113-ec3f-40b8-8e71-0b7f09d828c7
Title: Gesundesfettmethode

Search URL Search Domain Scan URL

URL: https://www.daily-choices.com/oak-island-mystery-de/
Title: DailyChoices

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-14news&utm_medium=referral&utm_content=rec-reel-sc2:Below%20Article%20Thumbnails%20New%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WFIE
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/wfie-fcc_applications.pdf
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/wfie/wfie-eeo-public-file-report-2022-2023.pdf
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://wfie.graydigitalmedia.com/
Title: Digital Advertising

Search URL Search Domain Scan URL

URL: https://gray.tv/uploads/documents/Gray-Television-AI-Policy.pdf
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.queryly.com/
Title: search by queryly

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-14news&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=graytv-14news&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg0966-k2N68-K-Y4bK28N3NZ6wtY-p6-W7zB3RD3w8dP_W4YbBK13Lw9K2W31T8996FVpwHVhK9KJ8cwJnKW2KCrFn2nXg2FN3cRmL8yvztNVMxKfP6RklB1W3hdsk47JFC6FW2ffpPS7ttqBnW6MJc_97z-dQRW1v-rm88mqxf9N1K0jcP3YXs_W2wwDxp6RC7ljW8yKt6H7V-pgMW6-0tZG464B9LW7T4bgX6SXTqbW3qnnN49lHGkcV8pcZ63fZb16V80By-5_W-TVf4xj8gR04 Page URL
https://csv9f04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg0966-k2N68-K-Y4bK28N3NZ6wtY-p6-W7zB3RD3w8dP_W4YbBK13Lw9K2W31T8996FVpwHVhK9KJ8cwJnKW2KCrFn2nXg2FN3cRmL8yvztNVMxKfP6RklB1W3hdsk47JFC6FW2ffpPS7ttqBnW6MJc_97z-dQRW1v-rm88mqxf9N1K0jcP3YXs_W2wwDxp6RC7ljW8yKt6H7V-pgMW6-0tZG464B9LW7T4bgX6SXTqbW3qnnN49lHGkcV8pcZ63fZb16V80By-5_W-TVf4xj8gR04?_ud=5bd97692-ad07-46f0-b9ef-50d9c87ee962&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 113

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 114

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 115

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 119

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 120

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3ff546d72a52409d9a0f5668891ba711 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaHECGceIg1qSUvyjIeadgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZaHECGceIg1qSUvyjIeadgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGtxt5oIum_Y8fN-1H1Syc&google_cver=1

Request Chain 123

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&gdpr=0&gdpr_consent=

Request Chain 124

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=135bd86b-5265-48c4-bbd0-fb9bc7aa410a

Request Chain 125

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=02d06bc6f982462e8c0019b2973d3377&expiration=1707692296

Request Chain 126

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559731974286767

Request Chain 128

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECMrz.u9T9PHHf4CBzwAA%261105&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECMrz.u9T9PHHf4CBzwAA%261105&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d7e8725aecba4dfeb9604591d2a398e2 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaHECGceIg1qSUvyjIeadgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZaHECGceIg1qSUvyjIeadgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF1AF8xL9NObjaXX-FeDNOk&google_cver=1

Request Chain 131

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECMrz-u9T9PHHf4CBzwAABFEAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECMrz-u9T9PHHf4CBzwAABFEAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 132

https://trace.mediago.io/ju/cs/indexexchange HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce730df3ee9e2auafu00lrb8owzw

Request Chain 133

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455423295431424

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTTUbzrRDZqzcBfV2fCmFk&google_cver=1

Request Chain 138

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=fd2d937d4f574b648393e70205a77d3d HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 140

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6454841772227527969

Request Chain 141

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8015212870793150717&expiration=1706309960

Request Chain 142

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5e11a3c4-7b55-4485-8fed-767612f36b8b

Request Chain 144

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZaHECByTT0JzIRClfe9JWgAA%263398 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=30876b27-d254-4ccc-a846-f13d4ae04a84

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaHECGceIg1qSUvyjIeadgAADIoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZaHECGceIg1qSUvyjIeadgAADIoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMboGg8bX7ZCfFXzhfjiJ9g&google_cver=1

Request Chain 148

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECGceIg1qSUvyjIeadgAA%263210&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECGceIg1qSUvyjIeadgAA%263210&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=fef8e0529bfe4305a0197f9b6bc3b995 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 149

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaHECGceIg1qSUvyjIeadgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZaHECGceIg1qSUvyjIeadgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwlxlRyTGLjC5wS-_jF5n0&google_cver=1

Request Chain 150

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4d61aa0d-745a-4011-85765188

Request Chain 151

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2984328696174152105

Request Chain 152

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 153

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=3dad8a88-64bc-4155-91a8-abd08ff700e2

Request Chain 247

https://pr-bh.ybp.yahoo.com/sync/taboola/fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A

Request Chain 250

https://pr-bh.ybp.yahoo.com/sync/taboola/fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A

Request Chain 257

https://pr-bh.ybp.yahoo.com/sync/taboola/fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A

Request Chain 262

https://pixel.adsafeprotected.com/rfw/st/1878143/77746728/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015387910&ias_pubId=pub-0883126725773026&ias_chanId=1&ias_placementId=20923846989&bidurl=https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jaeppDVUFbIdJ8OoeQFQFO HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1

Request Chain 297

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaHECGceIg1qSUvyjIeadgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC8txFFXY0C5K5upZMHKeiE&google_cver=1

Request Chain 299

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDg0MTc3MjIyNzUyNzk2OQ%3D%3D

Request Chain 311

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=3315498020&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=3315498020&gdpr=&gdpr_consent=

348 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg0966-k2N68-K-Y4bK28N3NZ6wtY-p6-W7zB3RD3w8dP_W4YbBK13Lw9K2W31T8996FVpwHVhK9KJ8cwJnKW2KCrFn2nXg...
csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/ 8 KB
3 KB 342ms
307ms Document
text/html 2606:4700:4400::ac40:95a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg0966-k2N68-K-Y4bK28N3NZ6wtY-p6-W7zB3RD3w8dP_W4YbBK13Lw9K2W31T8996FVpwHVhK9KJ8cwJnKW2KCrFn2nXg2FN3cRmL8yvztNVMxKfP6RklB1W3hdsk47JFC6FW2ffpPS7ttqBnW6MJc_97z-dQRW1v-rm88mqxf9N1K0jcP3YXs_W2wwDxp6RC7ljW8yKt6H7V-pgMW6-0tZG464B9LW7T4bgX6SXTqbW3qnnN49lHGkcV8pcZ63fZb16V80By-5_W-TVf4xj8gR04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:95a5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 844900c2ddd69220-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 12 Jan 2024 22:58:13 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-6775f64766-hpl8v
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: ac71192b-5443-4428-a413-4d5852b953d3
x-request-id: ac71192b-5443-4428-a413-4d5852b953d3
x-robots-tag: none

GET
H2

200

Primary Request / Show response
www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Redirect Chain

https://csv9f04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg09...
https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

218 KB
37 KB

1161ms
1045ms

Document
text/html

2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Requested by

Host: csv9f04.na1.hs-sales-engage.com
URL: https://csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg0966-k2N68-K-Y4bK28N3NZ6wtY-p6-W7zB3RD3w8dP_W4YbBK13Lw9K2W31T8996FVpwHVhK9KJ8cwJnKW2KCrFn2nXg2FN3cRmL8yvztNVMxKfP6RklB1W3hdsk47JFC6FW2ffpPS7ttqBnW6MJc_97z-dQRW1v-rm88mqxf9N1K0jcP3YXs_W2wwDxp6RC7ljW8yKt6H7V-pgMW6-0tZG464B9LW7T4bgX6SXTqbW3qnnN49lHGkcV8pcZ63fZb16V80By-5_W-TVf4xj8gR04

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

87832cd18d93500a00998fae0c6b7b6b85362f1ab8de3e4e801fe713ae6e616f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://csv9f04.na1.hs-sales-engage.com/Ctc/DM*23284/cSv9f04/JlF2-6qcW8wLKSR6lZ3nZW8Wdfz785ZPzYW4H_SJ-3NHblJW3WJzcT2ptCqRW58tDfC5p_2GwW1v8Qzf3b55j2W44cC1g2FTvVKV7rVg0966-k2N68-K-Y4bK28N3NZ6wtY-p6-W7zB3RD3w8dP_W4YbBK13Lw9K2W31T8996FVpwHVhK9KJ8cwJnKW2KCrFn2nXg2FN3cRmL8yvztNVMxKfP6RklB1W3hdsk47JFC6FW2ffpPS7ttqBnW6MJc_97z-dQRW1v-rm88mqxf9N1K0jcP3YXs_W2wwDxp6RC7ljW8yKt6H7V-pgMW6-0tZG464B9LW7T4bgX6SXTqbW3qnnN49lHGkcV8pcZ63fZb16V80By-5_W-TVf4xj8gR04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-length: 37139
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 22:58:15 GMT
etag: W/"3566e-OWXizxyhjzNKIBEKa58b4PXA1i0"
expires: Fri, 12 Jan 2024 22:59:15 GMT
last-modified: Fri, 12 Jan 2024 22:58:15 GMT
prerender-cache-tag: prerender-gray-wfie-prod-0ac0190b
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=433 origin; dur=597 ak_p; desc="1705100294158_34831752_1653990960_102856_7042_6_16_255";dur=1
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 35247 0 pmb=mRUM,2
x-amz-cf-id: 7ard-7fX82mK4d-Dqgpz2pLLl80ZMziGc2n5R5SZo0slK6SJVXpe4A==
x-amz-cf-pop: MIA3-P8
x-arc-pb-request-id: c3cc38a8-4bef-45e4-bf54-175867daaff1 57806bde-ec10-4772-b275-257ebc0254db
x-arc-request-id: 0.887d1302.1705100294.6295e630

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 844900c4dea79220-FRA
date: Fri, 12 Jan 2024 22:58:14 GMT
link: <https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/>; rel="canonical"
location: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 51
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-6775f64766-zgd6z
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 87837294-1cf1-4a37-adf2-91976b7cc2ca
x-request-id: 87837294-1cf1-4a37-adf2-91976b7cc2ca
x-robots-tag: none

GET
H2 200 react.js Show response
www.14news.com/pf/dist/engine/ 839 KB
182 KB 19ms
18ms Script
application/javascript 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.14news.com/pf/dist/engine/react.js?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a9edbe3c7428f920513f69711d1d77a4a73b4703c17bed30e72a8f74bfa2ed37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.887d1302.1705100295.6295ec1b
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295232_34831752_1653992475_56_5273_6_0_146";dur=1
content-length: 185272
last-modified: Thu, 11 Jan 2024 15:51:22 GMT
server: openresty
etag: W/"0a2409b4670ec87e6bc0bb0927bf2d7b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: hEO8GE70CkcdVM-IPGuAGoCUFksniEJN56HVuwt2rNU4AfqC_MLGnQ==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 default.js Show response
www.14news.com/pf/dist/components/combinations/ 1 MB
275 KB 29ms
28ms Script
application/javascript 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.14news.com/pf/dist/components/combinations/default.js?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c007337f79c82a24ecf5c7c146413979a53414902177298db0b888e1bf59e5e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: MIA3-P8
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.887d1302.1705100295.6295ec1c
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295232_34831752_1653992476_24_4739_6_0_146";dur=1
content-length: 280452
last-modified: Thu, 11 Jan 2024 15:51:23 GMT
server: openresty
etag: W/"8636ba60746215dc6d70887f5b688b2f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: uKKhs8_suVQ4WRlD3OWUn5g_tX_Uz-mZJFWQnGAhMIbU_6OcJPxpRw==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 main.css
gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 82 KB
14 KB 71ms
16ms Stylesheet
text/css 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: ORD53-C1
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4ef01002.1705100295.f6b1904
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295281_34664526_258676996_66_4742_6_19_255";dur=1
content-length: 14170
last-modified: Thu, 11 Jan 2024 15:51:22 GMT
server: openresty
etag: W/"9e40a2a1a5a5fd1291cbb18863b4a93d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: dZWb_p4OwAHJSo019nlXuc0ircpuxUmgsQ7aRUk2LH6Hxy0dI9-GPA==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 main.css
gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/wfie/css/ 99 KB
16 KB 70ms
15ms Stylesheet
text/css 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/wfie/css/main.css?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

d8cbb49988a56784ee9f663b0532681cf2461c3639bec4daf6afbce17134ca86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: MIA3-P8
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4ef01002.1705100295.f6b1903
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295261_34664526_258676995_56_4695_6_19_255";dur=1
content-length: 16021
last-modified: Thu, 11 Jan 2024 15:51:22 GMT
server: openresty
etag: W/"f7c440e6a555eb71a5f88d6a7711f142"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: QS7ybQSW3Tbz5XkgArNqZs5FAGnrMEyocC_MG2-pv3nO7Khlxzy7bQ==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 32ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3699634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ExU12g4Me1s92GS9o3w%2FClm7bEnkmfuBGEfPNbDNLZQvmyw%2FBW6gQGnK1jpIo6Qj0bGr%2FNHGIUikKq0yirGLP3XWnG%2Bohwtsxr8RMEMfeCzf9EouB1LgkGm%2FxyInt5LmRZcBFm0RdVa4Yii0rpwnhjG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 844900cd4ed839ca-FRA
expires: Wed, 01 Jan 2025 22:58:15 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
619 B 47ms
7ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 22:58:15 GMT
age: 2105098
detected-user-agent: Chrome/120.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/120.0.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
gray-wfie-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
843 B 76ms
21ms Script
application/javascript 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: ATL58-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4ef01002.1705100295.f6b1905
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295281_34664526_258676997_36_4763_6_0_219";dur=1
content-length: 305
last-modified: Thu, 11 Jan 2024 15:51:23 GMT
server: openresty
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: f8xiutBxxAH4tBtX385LUAcxWtUWmAEtvqKNoOH9Yi5En4tYOcyfXw==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 57ms
14ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:05:00 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 4a58d1025db7d55387fe7325daf4435e.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 3196
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: tT8EnWzAmxGFj4BXT7a7hakLfzD70RA7GTRGcw4bl-8CCx2Lya2Nsw==

GET
H2 200 powaBoot.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 16 KB
6 KB 63ms
14ms Script
application/javascript 2600:9000:2090:8e00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:8e00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 810d9203d0e7d3abce29279a90ab99c3472a19cd32a7b96a0e83ceca32064aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:54:09 GMT
content-encoding: gzip
via: 1.1 11dfc8c750cf42e4f5f3a7296512a1f8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 19:12:44 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 250
x-amz-server-side-encryption: AES256
etag: W/"ea946e347a8a6d5fa1c533185389635e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: xGiG8fZlCeiIJnbioGD1mXdZ1TfuMZmNqQDXXDns76qJ0RyV7UUfaA==

GET
H2 200 comscore.js Show response
www.14news.com/pf/resources/js/analytics/ 168 KB
49 KB 16ms
15ms Script
application/javascript 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.14news.com/pf/resources/js/analytics/comscore.js?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.887d1302.1705100295.6295ec1a
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295232_34831752_1653992474_31_5274_6_0_219";dur=1
content-length: 49862
last-modified: Thu, 11 Jan 2024 15:51:23 GMT
server: openresty
etag: W/"702fb2c84c6e8b364a6130cb860c7987"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: ejV6VmRC4fjl2LuIh2oYv2VlqX6q7D_LLV1_gT1ByB9hlfYRE7TAOg==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 78ms
14ms Script
application/x-javascript 2600:9000:2449:3200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:3200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:29:02 GMT
content-encoding: gzip
via: 1.1 41fcd719412f2befdcf66654c7db4572.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 55753
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: YMz3uYm0M3aOa4VRtvouVbUSdAT2XldAj8s7h0B30woMxX8RvPlEuA==
expires: Sat, 13 Jan 2024 07:29:02 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 79ms
15ms Script
application/x-javascript 2600:9000:2449:3200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:3200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:18:45 GMT
content-encoding: gzip
via: 1.1 41fcd719412f2befdcf66654c7db4572.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 13170
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jYwOhV0j1X2147oQGaXPLG_wimDtszq1lSTFvR1BgJjktcVJbMDYsg==
expires: Sat, 13 Jan 2024 19:18:45 GMT

GET
H2 200 queryly.v4.min.js Show response
www.queryly.com/js/ 26 KB
7 KB 41ms
14ms Script
application/javascript 2606:4700:20::681a:c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.queryly.com/js/queryly.v4.min.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ddf6d0c217b463bc84d3d06da179b5f4baf2c0e4f5a91c91256c1876df061717

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 23:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 256
etag: W/"085e68aac3ada1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imBvtcn%2BHHLvJ3uo7mhSNOh2rFqkxqQ0P0NI%2BArSkgBBVTRbVh7LmkupYffXtW3mauMV3XzT1hOfmb7Tv4jhfBP6Vr%2Fa8eATXxlHoLMcTlZJvAF243nr9I6B%2B5QJeXRI3OOam2Ett1%2F3X79bAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844900ce0cde9202-FRA

GET
H2 200 ZYLDRX2PJNFFNJUPCLFCQLTBXI.jpeg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 25 KB
26 KB 310ms
256ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ZYLDRX2PJNFFNJUPCLFCQLTBXI.jpeg?auth=ce21282d50a3c4fbba5bb942f27c1d61fa0f3a5fa8330ec25442491242281a67&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f9b56ca02e641f4f395f9d5daccb43384a359f79fd0034a504c0c07b4b661093

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 12 Jan 2024 02:50:56 GMT
server: Akamai Image Manager
etag: "0aacb525b54f1e2f829509902f3a2ff4"
x-arc-request-id: 0.4ef01002.1705100295.f6b1906
content-type: image/avif
cache-control: private, no-transform, max-age=31463521
server-timing: cdn-cache; desc=HIT, edge; dur=235, origin; dur=0, ak_p; desc="1705100295281_34664526_258676998_23523_13702_11_0_182";dur=1
content-length: 25907
expires: Sat, 11 Jan 2025 02:50:16 GMT

GET
H2 200 MKLL4GLJCZFTTAOR3VOCUP7R2I.jpg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 12 KB
13 KB 140ms
86ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/MKLL4GLJCZFTTAOR3VOCUP7R2I.jpg?auth=4171d5d9acff652f35b2b3cfe391171fc3afc28dae5ab2fa061d8cb63c6d5d13&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

146f967b71559850ce961f67fa716019ecce6213b2999db6b6085105b8b412ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Thu, 11 Jan 2024 01:07:15 GMT
server: Akamai Image Manager
x-serial: 1742
x-check-cacheable: YES
etag: "59bfa7bd1b5998d536127bc087fcff60"
x-arc-request-id: 0.4ef01002.1705100295.f6b1907
content-type: image/avif
cache-control: private, no-transform, max-age=31370836
server-timing: cdn-cache; desc=HIT, edge; dur=66, origin; dur=0, ak_p; desc="1705100295281_34664526_258676999_6589_13112_6_0_182";dur=1
content-length: 12443
expires: Fri, 10 Jan 2025 01:05:31 GMT

GET
H2 200 QXCOMAG5RJBXLESN4ADSXCAYBI.jpg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 11 KB
11 KB 82ms
80ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/QXCOMAG5RJBXLESN4ADSXCAYBI.jpg?auth=2f92e98b69ed3c2810cfa425220e5e7609b136550470ef5025b446f36141a3e6&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b706f95f8e2669bea222c370517e315d74fc704b55ac06520c6bc8041b3af417

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Thu, 11 Jan 2024 12:37:20 GMT
server: Akamai Image Manager
x-serial: 1397
x-check-cacheable: YES
etag: "beea7c7cac15ced2ab6eeced17649932"
x-arc-request-id: 0.4ef01002.1705100295.f6b194c
content-type: image/avif
cache-control: private, no-transform, max-age=31412346
server-timing: cdn-cache; desc=HIT, edge; dur=48, origin; dur=0, ak_p; desc="1705100295334_34664526_258677068_4854_20310_6_0_219";dur=1
content-length: 11091
expires: Fri, 10 Jan 2025 12:37:21 GMT

GET
H2 200 JALHE2Q6I5GLFGHB3M4A6N4BBQ.PNG
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 9 KB
9 KB 239ms
236ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JALHE2Q6I5GLFGHB3M4A6N4BBQ.PNG?auth=3cd52831a2de2bceb404efcb0f9677bd118c885f30b9da84ceb421954ea05d4c&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

836aa7c59c712693d6287296e9f8dd781ce548557efd9667c7a36c63238be50e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Mon, 08 Jan 2024 02:26:30 GMT
server: Akamai Image Manager
x-serial: 45
x-check-cacheable: YES
etag: "79814ebef726a4d0ad1adfa0b596ecf2"
x-arc-request-id: 0.4ef01002.1705100295.f6b1953
content-type: image/avif
cache-control: private, no-transform, max-age=31116475
server-timing: cdn-cache; desc=HIT, edge; dur=203, origin; dur=0, ak_p; desc="1705100295343_34664526_258677075_20677_16194_6_0_182";dur=1
content-length: 8910
expires: Tue, 07 Jan 2025 02:26:10 GMT

GET
H2 200 7VKHBSQ5FFG2DHEITWOQWWVIAM.JPG
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 17 KB
17 KB 83ms
81ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/7VKHBSQ5FFG2DHEITWOQWWVIAM.JPG?auth=848646999766f6327a02e17ff87742c0ce3167c306c2c49b1e8f28123dd1d807&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0df30fce7c84a133286701e1ab930d091d0f02974c960732d5e5cebe946f8fd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Thu, 11 Jan 2024 22:21:40 GMT
server: Akamai Image Manager
x-serial: 1705
x-check-cacheable: YES
etag: "40ea9345949173116a1a3ba995571320"
x-arc-request-id: 0.4ef01002.1705100295.f6b1954
content-type: image/avif
cache-control: private, no-transform, max-age=31447380
server-timing: cdn-cache; desc=HIT, edge; dur=60, origin; dur=0, ak_p; desc="1705100295339_34664526_258677076_6021_6710_8_0_182";dur=1
content-length: 17329
expires: Fri, 10 Jan 2025 22:21:15 GMT

GET
H2 200 D72WCIQITNFJFGAY4QEC4Z2PMU.jpg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 17 KB
17 KB 245ms
244ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/D72WCIQITNFJFGAY4QEC4Z2PMU.jpg?auth=5519fd50d2efdc2e64c858023a293163ca8d52edbedc133e6750d492bbcf4556&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f2585a718d4741b9fefda50ee5af2a53aa6eb2072430b7a32344c6e871f9643f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 12 Jan 2024 22:20:30 GMT
server: Akamai Image Manager
etag: "53d65ceee650592e00ce4641f6afa093"
x-arc-request-id: 0.4ef01002.1705100295.f6b1955
content-type: image/avif
cache-control: private, no-transform, max-age=31533834
server-timing: cdn-cache; desc=HIT, edge; dur=225, origin; dur=0, ak_p; desc="1705100295339_34664526_258677077_22457_6689_5_0_146";dur=1
content-length: 17217
expires: Sat, 11 Jan 2025 22:22:09 GMT

GET
H2 200 https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F01-12-2024%2Ft_5ecab8341261460fb849d21f367cec54_name_file_1280x720_2000_v3_1_.jpg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 15 KB
15 KB 267ms
265ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F01-12-2024%2Ft_5ecab8341261460fb849d21f367cec54_name_file_1280x720_2000_v3_1_.jpg?auth=1471c0f319f0b7e0438a377cd97c160d05140b908fb837c86b44d05a36cc7c0f&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e558e197babb8be50c98588d500ae5d1457ca6b869710ae8f1ca59c5ac9d16e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 12 Jan 2024 22:54:28 GMT
server: Akamai Image Manager
x-serial: 591
x-check-cacheable: YES
etag: "dad9da087921ddff6d98ec984d06bf36"
x-arc-request-id: 0.4ef01002.1705100295.f6b1956
content-type: image/avif
cache-control: private, no-transform, max-age=31535770
server-timing: cdn-cache; desc=HIT, edge; dur=245, origin; dur=0, ak_p; desc="1705100295339_34664526_258677078_24494_7798_5_0_146";dur=1
content-length: 15286
expires: Sat, 11 Jan 2025 22:54:25 GMT

GET
H2 200 https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F01-12-2024%2Ft_b86ed526a21d4e46a5cc17532a8c839b_name_file_1280x720_2000_v3_1_.jpg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 18 KB
18 KB 648ms
646ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F01-12-2024%2Ft_b86ed526a21d4e46a5cc17532a8c839b_name_file_1280x720_2000_v3_1_.jpg?auth=6a9dc641d6d418d8778911aee9715b279af3bfb053ae7928b3e0104996646e17&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b5a33d3bdbbbe2fa8cd09a00b357906d17f9ca511907fc5e2a138a613e0729ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 12 Jan 2024 22:52:26 GMT
server: Akamai Image Manager
x-serial: 1873
x-check-cacheable: YES
etag: "6583456f9da44f699e6518d534b728aa"
x-arc-request-id: 0.4ef01002.1705100295.f6b1957
content-type: image/avif
cache-control: private, no-transform, max-age=31535564
server-timing: cdn-cache; desc=HIT, edge; dur=626, origin; dur=0, ak_p; desc="1705100295339_34664526_258677079_62508_7798_5_0_146";dur=1
content-length: 18314
expires: Sat, 11 Jan 2025 22:50:59 GMT

GET
H2 200 HNLZUFTBOZH5NCB4P57FZCMX5U.png
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 13 KB
14 KB 84ms
83ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/HNLZUFTBOZH5NCB4P57FZCMX5U.png?auth=79165f34a1afd3ac3a4658ead5b8e2eac05189d16869938555f8ab99738e6420&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

10c8b434f6a2204a556decc7b23a99e7f4362d2ec92e7c32cbe4b40ff747a82c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 12 Jan 2024 21:57:00 GMT
server: Akamai Image Manager
x-serial: 1937
x-check-cacheable: YES
etag: "da932565cd79a7f01c52b185ed736fb6"
x-arc-request-id: 0.4ef01002.1705100295.f6b1958
content-type: image/avif
cache-control: private, no-transform, max-age=31532272
server-timing: cdn-cache; desc=HIT, edge; dur=62, origin; dur=0, ak_p; desc="1705100295340_34664526_258677080_6253_7178_6_0_146";dur=1
content-length: 13741
expires: Sat, 11 Jan 2025 21:56:07 GMT

GET
H2 200 WMYPOBF6KRD5LPNPXCU636J3LE.JPG
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 64 KB
64 KB 74ms
73ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/WMYPOBF6KRD5LPNPXCU636J3LE.JPG?auth=6e72689040c9ad7afa667663de70257ae344cbb758104293c374ce496da91663&width=800&height=450&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ed4bac5582f43d046df75bf8a54871403d2c04bcc3a180845bf311b08bd09db3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
last-modified: Fri, 12 Jan 2024 20:40:04 GMT
server: Akamai Image Manager
etag: "395b54ec38cc726de197072365ad3044"
x-arc-request-id: 0.4ef01002.1705100295.f6b1959
content-type: image/avif
cache-control: private, no-transform, max-age=31527789
server-timing: cdn-cache; desc=HIT, edge; dur=44, origin; dur=0, ak_p; desc="1705100295339_34664526_258677081_4415_16423_6_0_146";dur=1
content-length: 65337
expires: Sat, 11 Jan 2025 20:41:24 GMT

GET
H2 200 v2ineXRPNEI4LdZRZwHdt5IFPUH_ba90yIcTz4uUzW4VdiuMPgci2OAPx Show response
reconditerespect.com/ 72 KB
25 KB 55ms
25ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ineXRPNEI4LdZRZwHdt5IFPUH_ba90yIcTz4uUzW4VdiuMPgci2OAPx

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

2c9b1510cc6a49af87ded85d0360e352bfcb3f3e1421f2755dd7074fc438c39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 12 Jan 2024 22:58:15 GMT
x-datacenter: gce-europe-west1
etag: "347db487ca304a12b7af2e78cbfcb79daa3d106278ec67926b2def9b6bbfe757"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-0rzn
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2fkpXVLW2jExPzWvcIFhqv5Aal1YEd6XRx7OIunIrurgqEOlZ1QJgQRPxMk_XqNl4cXZDCc08Q Show response
reconditerespect.com/ 9 KB
4 KB 50ms
20ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2fkpXVLW2jExPzWvcIFhqv5Aal1YEd6XRx7OIunIrurgqEOlZ1QJgQRPxMk_XqNl4cXZDCc08Q

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1401a8ba666449ee62c1b48a647c2aad3f6e9aeab8761527b31def9986895eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Fri, 12 Jan 2024 22:58:15 GMT
x-datacenter: gce-europe-west1
etag: "e20760421559022e0c577c5ed633916f3da55db332661fc84e0261f1ce99bb0b"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-0rzn
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 39ms
13ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 b96dc0b769a91a3fe5483b063383b1c8.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 08:56:53 GMT
x-amz-cf-pop: AMS58-P4
age: 50483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: X2U35br3W6bfhyz_ZpXycub2VM76GATPkapP88A1jI1HZjbevtksyg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 535 KB
162 KB 51ms
14ms Script
application/javascript 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
last-modified: Wed, 26 Jul 2023 14:41:30 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=122518
accept-ranges: bytes
content-length: 165409
expires: Sun, 14 Jan 2024 09:00:13 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 48ms
25ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 43035
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"1bbec-18c8c555208"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 844900cdfce60394-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
66 KB 62ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12658ca6492963d8d3876f2e3bc650dc243a1d0fcb17289af9d041cefcf0d43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67212
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 22:58:15 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/meredith-network/ 1 MB
87 KB 35ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0791d2b9d5addb7e98f10930c50b08899ba80729281c889eb876516f0c3cc608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: uV50c8a.ofhtW_gm5NLYqH0PJUaEASCZ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:15 GMT
x-amz-request-id: B3FMDP75697XGK84
age: 10393
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 89000
x-amz-id-2: sqFRgou6x+CXhCYizzgaFMm2UBH9N1C/5Q0wp2/waMi3dQrs+lA7sKZjJy5TMgZKzdBROzSD+Bw=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Fri, 12 Jan 2024 20:04:55 GMT
server: AmazonS3
x-timer: S1705100295.384528,VS0,VE0
etag: "97d45fd9dd281f75b796d23656e1fae5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/meredith-network/ 59 KB
17 KB 23ms
17ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/meredith-network/newsroom.js
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae2e26dd5055b20d2b55e5efec136e5da433dc3a75df7d266467bb93c998f33f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:15 GMT
x-amz-request-id: C5SDFFWQ24ZBSZWM
age: 54
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17441
x-amz-id-2: d3ZOxBdVbaailoku1HPBaVmdTh05fZsrDRQ2cCah5/r+pDyTq9GJfPdYfxvOIQYA1ldZrDO3WQQ=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 09 Nov 2023 18:44:30 GMT
server: AmazonS3
x-timer: S1705100295.384545,VS0,VE1
etag: "6ee91e323bdb62abeae2a2117f8f9649"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2MWZR-8HNMN-PR24M-LD92Y-H99CJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 47ms
11ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/2MWZR-8HNMN-PR24M-LD92Y-H99CJ
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 19 Dec 2023 10:44:13 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 wfie.jpg
www.14news.com/pf/resources/images/mastheads/backgrounds/ 813 B
1 KB 233ms
233ms Image
image/avif 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.14news.com/pf/resources/images/mastheads/backgrounds/wfie.jpg?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d8fdba110698b80c64643c92afd47a6bc220388ee25114cf7d38e6f5512dc1f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400
x-check-cacheable: YES
x-arc-request-id: 0.887d1302.1705100295.6295ecb3
server-timing: cdn-cache; desc=HIT, edge; dur=216, origin; dur=0, ak_p; desc="1705100295341_34831752_1653992627_21567_9585_7_0_146";dur=1
content-length: 813
last-modified: Thu, 11 Jan 2024 16:47:16 GMT
server: Akamai Image Manager
x-serial: 981
etag: W/"cf62edb00a70b98b9e29d6ce8329c837"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31427292
expires: Fri, 10 Jan 2025 16:46:27 GMT

GET
H2 200 wfie.svg
www.14news.com/pf/resources/images/mastheads/logos/ 37 KB
9 KB 13ms
13ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.14news.com/pf/resources/images/mastheads/logos/wfie.svg?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

54b58022d11594ac566af18fc88040258482320395217a571a6b699d587bb71d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: ATL58-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.887d1302.1705100295.6295ecb4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705100295341_34831752_1653992628_34_5461_11_0_146";dur=1
content-length: 8352
last-modified: Thu, 11 Jan 2024 15:51:23 GMT
server: openresty
etag: W/"aaf562f3eef5f761243128b2b305ce56"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: oxjmKZojmiZSC1dW3N913jo7ogBAkL2aVyeH3JZDccIjqMn6DwNbAg==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 23ms
22ms Image
image/svg+xml 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=381

Requested by

Host: gray-wfie-prod.cdn.arcpublishing.com
URL: https://gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/wfie/css/main.css?d=381

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gray-wfie-prod.cdn.arcpublishing.com/pf/resources/dist/wfie/css/main.css?d=381
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: ATL58-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.4ef01002.1705100295.f6b1965
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1705100295348_34664526_258677093_461_3909_6_0_146";dur=1
content-length: 5010
last-modified: Thu, 11 Jan 2024 15:51:22 GMT
server: openresty
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 16PeE8acpszV2ECOJsyLT4DQ-lDDfx5JNqR39JzaPnlmM_qlw_yIVg==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
154 KB 25ms
16ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2617319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2Uw%2FhoPtJpoLKp5fZIa7O4bCYLfAaBkiOkUn6KRa64T3AmMzHecumMB%2FKlLFdPPXhAO0Kc0AnrtlafekfRcZiPQFxoKR6nNErHWQUDHvQiiVA5GCgebF5fPMcGNBVD%2BrVDIisn5tkOVSTyfd5oSZez6"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 844900cdfd4403a6-FRA
expires: Wed, 01 Jan 2025 22:58:15 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 25 KB
25 KB 46ms
37ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3686162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25452
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-636c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YojwzCocnPlirivKjjCYXKmtpEh5dTJqtkQoILB8lY2EpMEZvMYYWLcAD88crQ7WZP1fyno9lIV47XI419rN4qMQPB58%2BVkJlFfWPzJ85TrDVfsEZaZP5pp9ShaDVFRCBYQp9FIscbthw03uUj%2Fy5c1x"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 844900cdfd4603a6-FRA
expires: Wed, 01 Jan 2025 22:58:15 GMT

GET
H2 200 whitecloseicon.png
www.queryly.com/images/ 816 B
1 KB 13ms
12ms Image
image/png 2606:4700:20::681a:c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.queryly.com/images/whitecloseicon.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 15:55:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1496
etag: "4c9d5a55c95da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUy61KSB1rjkV%2F%2BjjGi6s58txTi9HhXKPjmmwnIrT4%2BCro5%2BT%2BSCd6F7AsrYGH6lp1lUDbz2ZLj3UuBiln9sxlXPE7TA2zthjbMd9ighjb1AHLY9tP6oIhj08NAdpjOiqoqZ%2BldoijWYAqoOVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 844900ce8d1e9202-FRA
content-length: 816

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 109ms
83ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.14news.com
URL: https://www.14news.com/pf/dist/components/combinations/default.js?d=381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3704830fec3575491f1bdf729ec4cd621bad7120e072f427ae1f84e31129590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29352
x-xss-protection: 0
server: cafe
etag: 454 / 19734 / m202401040101 / config-hash: 6457213104751266546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 22:58:15 GMT

GET
H2 200 3793 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
808 B 60ms
13ms Script
application/javascript 18.238.243.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3793
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-122.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:20:30 GMT
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 2265
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: gv4wi0kXo69gLL02QR49jOqLPfFFTqlsMb4adGws3HDY8l8D88qJBg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 23ms
23ms XHR
text/plain 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3793&u=https%3A%2F%2Fwww.14news.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:41:33 GMT
via: 1.1 4a58d1025db7d55387fe7325daf4435e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 8202
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.14news.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: BXrlOV37GbDmGdBS5Bp4t5nuL8REX3vjVYheczKdng4xYlGEPOsGow==

GET
H2 200 wx-current-conditions-v3 Show response
www.14news.com/pf/api/v3/content/fetch/ 321 B
783 B 26ms
25ms XHR
application/json 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.14news.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=wfie&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D

Requested by

Host: www.14news.com
URL: https://www.14news.com/pf/dist/components/combinations/default.js?d=381

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

54648be507bf58a74d0f0ee472daad0b4493a1e10ca6c7f74491949cabfe94ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 120
x-arc-pb-request-id: 0f77e2fe-0c31-48b2-9f57-43f852856358, 0f77e2fe-0c31-48b2-9f57-43f852856358
content-encoding: gzip
date: Fri, 12 Jan 2024 22:58:15 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MIA3-P8
strict-transport-security: max-age=86400
x-arc-request-id: 0.887d1302.1705100295.6295ed9c
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1705100295481_34831752_1653992860_1340_5580_7_0_219";dur=1
content-length: 183
last-modified: Fri, 12 Jan 2024 22:55:36 GMT
server: openresty
etag: W/"141-0LK0U5D1DrUQtb6o19pmx0ZApOM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=39
x-amz-cf-id: qCBjxQLasjgzj9StJrWsk83iZSXobLOU_2rJRaleo5qBHe5-OEPGAQ==
expires: Fri, 12 Jan 2024 22:58:54 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 20ms
6ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10298097
x-cache: HIT, HIT
content-length: 29875
x-served-by: cache-lga21967-LGA, cache-fra-etou8220097-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705100296.501242,VS0,VE0
etag: W/"28feccc0-14e55"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 195408

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 54ms
13ms Image
image/gif 2600:9000:20ab:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=saqdig&adnum=269908
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2784512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: CO8Vhupyz7eLLBRr95fsPwWnWb2ig4B6nytJyO3oEZXYGeaSaDmLOQ==

GET
H2 200 gray.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/org/ 303 KB
80 KB 17ms
17ms Script
application/javascript 2600:9000:2090:8e00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:8e00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58eb11807a0760c15d36291ca18203c79142810a3fc40062f249d36493b96617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:54:54 GMT
content-encoding: gzip
via: 1.1 11dfc8c750cf42e4f5f3a7296512a1f8.cloudfront.net (CloudFront)
last-modified: Wed, 29 Nov 2023 19:12:51 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 210
x-amz-server-side-encryption: AES256
etag: W/"b25d4f4403a55e54cdec2123acc39c0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=300
x-amz-cf-id: 06YBQvwGLtPFZVr1xVaGU-fr0od45-d3uMDL6qqGlNujEwwNndCwwQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 289ms
92ms Image
image/gif 34.235.12.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=14news.com&p=14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&u=DpgWvpVHD9NrceS6&d=14news.com&g=39189&g0=%2Fnews%2Findiana%2C%2Fnews&g1=Jill%20Lyman&g4=story&n=1&f=00001&c=0&x=0&m=0&y=3452&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&b=1608&t=B3gUMzBVLnt7CZKPXsB0v5QUBG3XWp&V=143&i=Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say&tz=-60&sn=1&sv=DhE6ubDsQ78UCpiWGADaM7QMDaJAWr&sr=external&sd=1&im=06672ffa&_
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.12.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-12-81.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 load.js Show response
pm-widget.taboola.com/meredith-network/ 3 KB
2 KB 15ms
15ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/meredith-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bd3579eeaf1e873085949886f97191f13be80d67d7766a8ac927875d4814347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: FbNJI6yPQAn16Zf16RGpchpqyTa9VzjE
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:15 GMT
x-amz-request-id: NHBC3SDD3V67GVWG
age: 2698
x-cache: HIT
content-length: 1174
x-amz-id-2: KDZys3pjH9ox5HX1jOzIBk4TAe5uvSgSaazhCsK7OGGlKjKX4MtFBp4WdIXJNq3GAivg6HZpH04=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Tue, 26 Sep 2023 09:38:22 GMT
server: AmazonS3
x-timer: S1705100296.534681,VS0,VE3
etag: "0daf4de83298a10d37f22ed08823308a"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20240111-22-RELEASE.js Show response
cdn.taboola.com/libtrc/ 836 KB
173 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 74e9f8314780f1ce227f0721224dadeb7f6243275cd79fe2b371d4df8b59cc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: vvzhoj50i0z.NtlWpRGWI7zDWeL_fBxM
content-encoding: br
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:15 GMT
x-amz-request-id: JJ98YSSNEERWZFHF
age: 27622
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 177024
x-amz-id-2: dK3np2qDLdUQ30k/qD3qtWIdWU7Pd8+dA9CynVtDDEHFpjGL2ZOMCacwEm9ldTid75UZ6qXN92M=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:11:03 GMT
server: AmazonS3-br
x-timer: S1705100296.534682,VS0,VE0
etag: "aa8f022a81723f7f25b01d12f9a5f539"
vary: Accept-Encoding
content-type: application/javascript
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4337

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/ 15 KB
3 KB 22ms
8ms XHR
application/json 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/floors.json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49fa442e54fafa1cd1bde7fcaf982dbb42d4116cde685a724ef2e9fd6ddd276b

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 16:22:48 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=3647
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2440
expires: Fri, 12 Jan 2024 23:59:02 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 213 B
524 B 156ms
109ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=14news.com&domain=14news.com&path=%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d42fc95f685ddb8bdd9c1b1ec27464052f685f83bbd5a94fe015cf4f99e942f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 166
x-served-by: cache-fra-etou8220075-FRA
x-timer: S1705100296.639933,VS0,VE103
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 10 Jan 2024 22:58:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
74 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WK5SPMT&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c9745c70198f745a304802a69ba2139c8efec63e6c8a3b587c7500eb1c3430f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75233
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jan 2024 22:58:15 GMT

GET
H2 200 26.svg
www.14news.com/pf/resources/images/weather/weather-condition-icons/svgs/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.14news.com/pf/resources/images/weather/weather-condition-icons/svgs/26.svg?d=381

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6a7a553dcc86cd120aeddfe25d8c9e64a0e03039b9e0793fdfffcf3dea2b4f97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.887d1302.1705100295.6295eebe
server-timing: cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1705100295629_34831752_1653993150_1341_6138_7_0_146";dur=1
content-length: 741
last-modified: Thu, 11 Jan 2024 15:51:23 GMT
server: openresty
etag: W/"5b504260030047b11cb48d53097340b4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: PLtOVU6bTIHlJvSNJNts0gK-hnGtyN1CvhM7ePZGR3_V9bC2uV0WCg==
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H2 200 404 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1006 B 126ms
126ms XHR
application/json 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/404?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5fc764b04ac9993abcdeddf3fe3ab542ba8d3af83c43601373e16541c19d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"77a-V7sTySuRTeFtUkUwGF38OZV7y2I"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.14news.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 844900d08ee10394-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 404
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 126ms
115ms Preflight 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/404?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.14news.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.14news.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844900cfcf20bb8c-FRA
date: Fri, 12 Jan 2024 22:58:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 findByUuid Show response
gray-config-prod.api.arc-cdn.net/video/v1/ansvideos/ 52 KB
4 KB 457ms
386ms XHR
application/json 2a02:26f0:3500:1b::1724:a39b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.arc-cdn.net/video/v1/ansvideos/findByUuid?uuid=d2b9ba37-f9bd-40fa-a4c4-3e1b0fcfe5e9

Requested by

Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a39b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c0855e6c01ca96fac090aafacf4c1ef72dba8b5ccd1ddeb12b50904da27a76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; preload
x-cache-status: EXPIRED
x-org-rate-limit: 1200
content-length: 3621
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: https://www.14news.com
access-control-allow-methods: GET,HEAD
cache-control: max-age=300
access-control-allow-credentials: false
x-org-rate-limit-interval: 5 minutes
origin-type: Content
x-org-rate-limit-remaining: 1199
expires: Fri, 12 Jan 2024 23:03:16 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 436 KB
137 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4143
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140168
x-xss-protection: 0
server: cafe
etag: 17101759845534740898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 Jan 2025 21:49:12 GMT

GET
H2 200 pmk-20220605.54.js Show response
pm-widget.taboola.com/meredith-network/ 102 KB
29 KB 26ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/meredith-network/pmk-20220605.54.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/meredith-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 825d6725809a6a6a8b92fa000731e603b6db437bf29f0a2660676a33a5b711a2

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 8zGCBaDMZLX7xDSKv1wuk218wwGF15XF
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:15 GMT
x-amz-request-id: J6BTWEC2RFWD6R2A
age: 3276789
x-cache: HIT
content-length: 28802
x-amz-id-2: PhGyVXvdM4SPOuTopynsT3HZdqcNKs0QeDvLFaz4TqwjIgQCi1LsBfsuTmaFBInm7o647QupW44=
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Tue, 26 Sep 2023 09:38:21 GMT
server: AmazonS3
x-timer: S1705100296.673438,VS0,VE0
etag: "67288be720224eccff98d354d0098a2d"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 MIN-516620.js Show response
apv-launcher.minute.ly/api/launcher/ 29 KB
12 KB 40ms
8ms Script
text/javascript 199.232.211.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://apv-launcher.minute.ly/api/launcher/MIN-516620.js

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.211.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.25.1 /

Resource Hash

38a69f0b502012189d612863d86a57c19db5a14889204ca70f0fdbfbaeb6f468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 22:00:43 GMT
date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 3453
x-cache: HIT, HIT
content-length: 11085
x-xss-protection: 1; mode=block
x-request-id: 7ce606fe-c6a8-4fd0-a845-56e56d978420
x-served-by: cache-iad-kiad7000023-IAD, cache-fra-eddf8230072-FRA
x-runtime: 0.722587
referrer-policy: strict-origin-when-cross-origin
x-debug-req-method: GET
server: nginx/1.25.1
x-timer: S1705100296.701315,VS0,VE1
etag: W/"38a69f0b502012189d612863d86a57c1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-debug-app-get: GET
x-debug-server-name: apv-launcher.minute.ly
access-control-allow-credentials: true
cache-control: max-age=30
accept-ranges: bytes
access-control-allow-headers: APP-GET,Content-Type
x-cache-hits: 160, 1

GET
H2 200 card-interference-detector.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 27ms
24ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23c61c32f9672523bb8773177649c9bcfbe06f7d854bc59ba9bb2f1d70c47784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: qHYS2NT1A_v1BNZ5Q3ez0D40RNRa_MXM
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:15 GMT
x-amz-request-id: ZRTQKKEDPKFGJC5H
age: 113744
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2179
x-amz-id-2: KOOwwoZoq9EKtv7LKh419L21AXniyUs3rQN/e6upLvZ/FHIFX3op8GbgR0xP3jYCpICtVsxopg4=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:22:31 GMT
server: AmazonS3
x-timer: S1705100296.688245,VS0,VE0
etag: "22e1f2046230782fa743c776fcaf6f4b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 67903

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 612ms
114ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 312537
expires: 60

GET
H2 200 json Show response
trc.taboola.com/graytv-14news/trc/3/ 127 KB
33 KB 839ms
832ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-14news/trc/3/json?tim=23%3A58%3A15.670&lti=deflated&data=%7B%22id%22%3A612%2C%22ii%22%3A%22%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1705089874811%2C%22vi%22%3A1705100295668%2C%22cv%22%3A%2220240111-22-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22ar%22%3A%7B%22md%22%3A%222023-12-11T22%3A13%3A50.215Z%22%2C%22ti%22%3A%22Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say%22%2C%22th%22%3A%22https%3A%2F%2Fgray-wfie-prod.cdn.arcpublishing.com%2Fresizer%2Fv2%2FZNXXZHRIXJCIZAMTJISGOIPLOA.jpg%3Fauth%3Dbf760af48f96c114d3071166adeddbb45ea3344ba3baac6b8ebf950d652fff06%26width%3D1200%26height%3D600%26smart%3Dtrue%22%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F%22%2C%22vpi%22%3A%22%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2838%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A20%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22cd%22%3A1343.078125%2C%22mw%22%3A938%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2CBelow%20Article%20Thumbnails%20New%3Dalternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c746f51c744930802c64fed29f2a07ae06b30f5891a91f662a537f3a89e21a7f

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 818
date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.35833333333333334
x-fastly-to-nlb-rtt: 7502
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220093-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1705100296.688175,VS0,VE818
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.14news.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XTQ191V2PM&l=RCdataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK5SPMT&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39827f082c466d9f760b44f31bc93dde0e971f3f0eb2db6bfed1c6a50adf94bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 22:58:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK5SPMT&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jan 2024 21:48:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4200
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jan 2024 23:48:15 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 73ms
44ms XHR
application/json 2a02:26f0:480:184::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=2MWZR-8HNMN-PR24M-LD92Y-H99CJ&d=www.14news.com&t=5683668&v=1.720.0&sl=0&si=b93db0e3-de8e-46d7-ab0c-fab3848646b2-s767t2&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677317
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2MWZR-8HNMN-PR24M-LD92Y-H99CJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4bc3c44465097065bb17194097fed95a25ae6badf7f4980efe22e7ab0abc5bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Jan 2024 22:58:15 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 105ms
46ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&pid=yjXGdE550GPXq&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-DHTngJRpmnXwbyBCEerEZLVXckxUNgdhz_HChHXNp_TWs4VDrU%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 78FQZKJWGDP6VW56ZRAJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.14news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8cF1ySxURZKMjQ4kwgUKf3mFO-l_mM_YNrX1mykDTA9ricvVtrHC1w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 104ms
48ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&pid=yjXGdE550GPXq&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-VeKn9v8K4KZGLmxSDZNDeEDxj7x_gCHN32HkFrtdet0FFPAl3N%22%2C%22s%22%3A%5B%221024x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: Y8N9046AAR7X07N66BRC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.14news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vUCV-wC373MybZ7EoJOZWXOW35gjWJQOYZuW15T6dXZkjJ05nXtPXw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 101ms
47ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&pid=yjXGdE550GPXq&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-9KWJmtqHPeosZ3wQQJg6Hi-yffMUC6CHawWpdRyKIyCA_7lNKn%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 1X38NC086C6AJ44K9TDS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.14news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8fyHfIZv6XvW9FwmcaU7amsIbCqr7nRc7jtRMMbWWKpSfvuotm_TcQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 100ms
49ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&pid=yjXGdE550GPXq&cb=3&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-WLKEDdeIVC2J_RUwcvFzJ8mYuGBpehcEBnwbzsh6YjrV8jFSfl%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: NBAHFPN7T50NXARF8VJH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.14news.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EyDeyY1etRbSw_1HXx0KjIwNv5JSG6nJKxiDLBZBj6IVqUNm-irnPw==

GET
H2 200 mi-scraper-1.17.0.32.js Show response
snippet.minute.ly/publishers/gray_group/ 89 KB
28 KB 53ms
29ms Script
application/javascript 2606:4700:20::681a:ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516620.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y2D1XN7SFMDJMPJS
age: 4518287
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-id-2: rWLsRYGEaH2TWDNAQ/v6SUziAk57Z+qqp06+TqiVFyaP8wC0MG1UH4LN/YW01YQRZ0qx4b3jnEc=
x-served-by: cache-iad-kcgs7200020-IAD, cache-fra-eddf8230121-FRA
last-modified: Wed, 10 May 2023 08:47:33 GMT
server: cloudflare
x-timer: S1705100296.801241,VS0,VE0
etag: W/"60cdfd1f3dea6013e68c22afa83110bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H5Or7gb0%2FhZhVZOteymkcyXfE29LVp83to%2BOs6qwJiHXmKl%2Bcr%2BEU%2F2dyyTuCDyJSjqb%2BTn3dV%2F0ZmH1Js1kkXVOZPwyHkUO6wAGuE1K8s8j7d2%2F5COPDAOOitk6Do89HOyGFx2HUDXx9HkdEvk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 844900d0af0c2c72-FRA
access-control-allow-headers: content-type
x-cache-hits: 39, 3

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1664613045&t=pageview&_s=1&dl=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&ul=en-us&de=UTF-8&dt=Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=117616235&gjid=887480481&cid=1765686019.1705100296&tid=UA-22223248-23&_gid=1361826526.1705100296&_r=1&_slc=1&gtm=45He41a0n81WK5SPMTv79832192&cg1=%2Fnews%2Findiana&cg2=story&cg3=wfie&cg4=5Z7CE2RVRJDJFIOSWRMII7VFEU&cd1=12%2F11%2F2023&cd2=11&cd3=12&cd4=2023&cd5=story&cd6=1&cd7=Indiana%20News&cd8=wfie&cd9=wfie&cd10=5Z7CE2RVRJDJFIOSWRMII7VFEU&cd11=%2Fnews%2Findiana&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=Jill%20Lyman&cd14=According%20to%20the%20report%2C%20officials%20from%20Bally%27s%20told%20police%20they%20were%20having%20some%20construction%20done%20and%20hired%20a%20vendor%20to%20do%20some%20work.&cd16=Fri%20Jan%2012%202024%2023%3A58%3A15%20GMT%2B0100%20(Central%20European%20Standard%20Time)&cd17=%2B01%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&cd19=Bally%27s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say&cd35=Gray%20TV%20Stations%20(English)&cd36=staff&cd37=gray-original-content&cd38=6c4d5d7a-69c6-483e-8ffd-871ff31dbadb&cd39=reference_denormalized&cd40=default&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=262669050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XTQ191V2PM&gtm=45je41a0v890217420z879832192&_p=1705100295329&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1765686019.1705100296&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705100295&sct=1&seg=0&dl=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&dt=Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say&uid=&en=page_view&_fv=1&_ss=1&ep.date_published=12%2F11%2F2023&ep.published_day=11&ep.published_month=12&ep.published_year=2023&ep.content_type=story&ep.primary_section_name=Indiana%20News&ep.content_owner=wfie&ep.content_provider=wfie&ep.content_id=5Z7CE2RVRJDJFIOSWRMII7VFEU&ep.ad_target=%2Fnews%2Findiana&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=Jill%20Lyman&ep.user_timezone_timestamp=Fri%20Jan%2012%202024%2023%3A58%3A15%20GMT%2B0100%20(Central%20European%20Standard%20Time)&ep.timezone_offset=%2B01%3A00&ep.content_name=Bally%27s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say&ep.content_keywords=&ep.distributor_name=Gray%20TV%20Stations%20(English)&ep.distributor_category=staff&ep.distributor_subcategory=gray-original-content&ep.distributor_reference_id=6c4d5d7a-69c6-483e-8ffd-871ff31dbadb&ep.distributor_model=reference_denormalized&ep.output_type=default&ep.has_video=true&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&tfd=1889
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTQ191V2PM&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 51ms
18ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XTQ191V2PM&cid=1765686019.1705100296&gtm=45je41a0v890217420z879832192&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTQ191V2PM&l=RCdataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XTQ191V2PM&cid=1765686019.1705100296&gtm=45je41a0v890217420z879832192&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1541656709

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 48ms
17ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22223248-23&cid=1765686019.1705100296&jid=117616235&gjid=887480481&_gid=1361826526.1705100296&_u=YGBACEAABAAAACAAI~&z=1067724056

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Jan 2024 22:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 117ms
83ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c2bacd1c75c86a25cab6e257d911e0e50b9e811f1e296071066e7d619d96abd2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
an-x-request-uuid: dc972d4a-c4d8-4040-852d-e8c01504a059
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
313 B 98ms
78ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c3f30e13dd1c75af600fc9ef76e9ee016dee2480b72e70a817433c22edf1a9

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBW%2BmOaBkTH%2F9F9xHtYg6jXDzLsigMKDzLf3Ob3CDN%2BCv603HbwmMBj4sW%2By%2FB4fkMzyulcuBIIiWg7VfUxZZN8Ca1aF5OAiBsSCmidtr4b2Q7U55uoTBhf6rRrmHV1UtHiGAcBa"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.14news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 844900d11fc42c16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 65ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=406
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.14news.com
date: Fri, 12 Jan 2024 22:58:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
304 B 96ms
81ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc57af050f429a7b560c12ddb9e9f6d3bd666ab5141c4c575771ba2c16e79bdc

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16aFwJYnKmPat78hS791DsYYn6wCk4JQaFe3Nxm9F8OPcUYURKANoyr5ZlxfPKlCl3Jc3kDIFAadnHhqt9pxs63EgCkjbQgqte0BOV63B01FiYet8m30p%2FyNsZKefZkDDv6mwfYM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.14news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 844900d11fc32c16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 65ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=439
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.14news.com
date: Fri, 12 Jan 2024 22:58:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 158ms
131ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d2a7420ffc6a0b02d1d989f076c95a79ee0c52bf786b86ee02677ee0757636e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
an-x-request-uuid: 4865a263-40b6-49e9-b938-fc52431f4359
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
38 B 145ms
114ms Ping
image/gif 2606:4700:10::6816:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.14news.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 844900d13e9b361d-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Fri, 12 Jan 2024 22:58:15 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
246 B 144ms
114ms Ping
image/gif 2606:4700:10::6816:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.14news.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 844900d13e9a361d-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Fri, 12 Jan 2024 22:58:15 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
546 B 85ms
77ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061bd84c5a8d909b7cc333ecd68f2247d1b416310bd0e7930a12d6919c8d0127

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvX0KUnPYt2FnhpLSAvosqiBjnDyvgCBNdsMc6fDYPPDBOB0%2FwfAeFIYbNTvsDVRgSGbVkComwNbFlv%2B9lE892kMIJU9pCrduhUtyGWTkEu0rjS5W%2FiJ00U4c9z4X3Gx6KMfz6o0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.14news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 844900d11fc52c16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 178ms
158ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

95eb967be6262a54576a55fa8104a3a2068e1d2ac355ba8a6f7c2ac57a51c873

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
an-x-request-uuid: fc0fa8d9-ab5d-475f-86b1-ba36e8fdffff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 114ms
98ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a06a67881c3075a265604996608a7e9266c8c10b1e3fc21f6904c24123792c5f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
an-x-request-uuid: c8e16926-37ff-4f54-ad69-951db07aa618
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 54ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=464
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.14news.com
date: Fri, 12 Jan 2024 22:58:14 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
306 B 104ms
101ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c38e9c181eb2be0fdeadabd24b360e522cf55edc518fc4938a1026ae9a8e7ee

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mb72ZX%2BS8EWnKdzPSmbXdxhqWLBZ3ByBOsOusf4Ah6TzDvscb0yf9tHNm9QqyAQtrhaf43WTSAq2FCvHZpJ1ih3yc9r88Sta8hzf1VrjyQnYeoTmmBjySjUgMEqpkQ91WfyUJbaw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.14news.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 844900d11fc62c16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 6d6a00fe69d811fab7395e00172e55ef4d4b9b2cef Show response
operationchicken.com/confirm/4c0840032a/ 303 B
811 B 72ms
28ms Fetch
application/json 2600:1901:0:636d::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/confirm/4c0840032a/6d6a00fe69d811fab7395e00172e55ef4d4b9b2cef

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ineXRPNEI4LdZRZwHdt5IFPUH_ba90yIcTz4uUzW4VdiuMPgci2OAPx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

8c087efae3c307d5a0b1f826a155c8997f32630f9fcb9c25c8f2a971f082a869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 12 Jan 2024 22:58:15 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
x-hostname: fen-hoothoot-europe-west1-spot-0rzn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 12 Jan 2024 22:58:14 GMT

OPTIONS
H3 200 750
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 111ms
111ms Preflight 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/750?story_url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&visitor=xezqetqn5kevi96k

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.14news.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.14news.com
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844900d1588cbb8c-FRA
date: Fri, 12 Jan 2024 22:58:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 750 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
528 B 121ms
121ms XHR
application/json 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/750?story_url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&visitor=xezqetqn5kevi96k

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fc13c4d19b26b1eff2ff38da39bdd90bf75537ad6fe35be2aa340557b0ffb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"41-oSndiGqf1p2CSILQclNVwXXT/Bc"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.14news.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 844900d20fe4904f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vz.1.108.14-67f1d066&p=750

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 35500
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 13:36:20 GMT
server: cloudflare
etag: W/"2e2f-18c447e5b90"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 844900d15f67904f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vz.1.108.14-67f1d066&p=750

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 15495
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"f2a-18c8c555208"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 844900d15f69904f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vz.1.108.14-67f1d066&p=750

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 35500
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"8abb-18c8c555208"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 844900d15f6a904f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 11 Jan 2025 22:58:15 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vz.1.108.14-67f1d066&p=750

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:15 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 35500
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 12:24:11 GMT
server: cloudflare
etag: W/"19c7-18c8c55520c"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 844900d15f6d904f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 11 Jan 2025 22:58:15 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81117537-17&cid=1765686019.1705100296&jid=1791338494&gjid=746946288&_gid=1361826526.1705100296&_u=ACCAgEABCAAAAGAAI~&z=361727399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Jan 2024 22:58:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 d6187e4fa455ea04f697fae014d8ca1b2c2ae5 Show response
operationchicken.com/8b02db00497d45/ 3 B
66 B 25ms
25ms Fetch
application/json 2600:1901:0:636d::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://operationchicken.com/8b02db00497d45/d6187e4fa455ea04f697fae014d8ca1b2c2ae5

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ineXRPNEI4LdZRZwHdt5IFPUH_ba90yIcTz4uUzW4VdiuMPgci2OAPx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 12 Jan 2024 22:58:15 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
x-hostname: fen-hoothoot-europe-west1-spot-0rzn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 12 Jan 2024 22:58:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
18 KB 281ms
280ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040706438601181&correlator=4178051580712620&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwfie%2Cweb%2Cnews%2Cindiana&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705100295968&lmt=1705100295&adxs=315&adys=229&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&vis=1&psz=1600x157&msz=1600x125&fws=0&ohw=0&ga_vid=1765686019.1705100296&ga_sid=1705100296&ga_hid=1664613045&ga_fc=true&ga_cid=1361826526.1705100296&dlt=1705100295222&idt=477&prev_scp=pt%3Dstory%26cid%3D5Z7CE2RVRJDJFIOSWRMII7VFEU%26position%3D1%26amznbid%3D2%26amznp%3D2&adks=1538325675&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e42c7f9e59a4121d3449564fa285e3cbb43a43723c0d26960a1d1ea48584f2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18331
x-xss-protection: 0
google-lineitem-id: 6350570526
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138461631163
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5625 6 KB
3 KB 94ms
41ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: Sat, 11 Jan 2025 22:58:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9155 16 KB
6 KB 9ms
9ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102429
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 12 Jan 2024 22:58:15 GMT
expires: Sun, 14 Jan 2024 03:25:24 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 4EC3 3 KB
1 KB 47ms
24ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 534
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 844900d20943193b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: Sat, 13 Jan 2024 02:58:16 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5C74 52 KB
17 KB 56ms
7ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 12 Jan 2024 22:58:16 GMT
ETag: "623de86a-cf34"
Expires: Sat, 13 Jan 2024 22:58:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9C87 3 KB
1 KB 42ms
21ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 534
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 844900d20945193b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: Sat, 13 Jan 2024 02:58:16 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6D83 16 KB
6 KB 12ms
10ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102429
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 12 Jan 2024 22:58:15 GMT
expires: Sun, 14 Jan 2024 03:25:24 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E541 52 KB
17 KB 49ms
7ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 12 Jan 2024 22:58:16 GMT
ETag: "623de86a-cf34"
Expires: Sat, 13 Jan 2024 22:58:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame DEE7 3 KB
2 KB 37ms
19ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 534
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 844900d20941193b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: Sat, 13 Jan 2024 02:58:16 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 48DD 3 KB
1 KB 37ms
20ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 534
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 844900d2093c193b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: Sat, 13 Jan 2024 02:58:16 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6B47 16 KB
6 KB 10ms
10ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=102429
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 12 Jan 2024 22:58:15 GMT
expires: Sun, 14 Jan 2024 03:25:24 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 636ms
634ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040706438601181&correlator=4178051580712620&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwfie%2Cweb%2Cnews%2Cindiana&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705100295984&lmt=1705100295&adxs=1135&adys=1186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&vis=1&psz=300x317&msz=300x285&fws=512&ohw=0&ga_vid=1765686019.1705100296&ga_sid=1705100296&ga_hid=1664613045&ga_fc=true&ga_cid=1361826526.1705100296&dlt=1705100295222&idt=477&prev_scp=pt%3Dstory%26cid%3D5Z7CE2RVRJDJFIOSWRMII7VFEU%26position%3D2%26amznbid%3D2%26amznp%3D2&adks=4107785288&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8640ae72685c66453d878540f6a525fb1efdaf429a0dbbf19e5e3c4aac89c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17832
x-xss-protection: 0
google-lineitem-id: 6350570526
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138461631160
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9155 0
42 B 87ms
17ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4153318&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 957ms
957ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040706438601181&correlator=4178051580712620&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwfie%2Cweb%2Cnews%2Cindiana&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705100296008&lmt=1705100295&adxs=1135&adys=370&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&vis=1&psz=300x301&msz=300x285&fws=512&ohw=0&ga_vid=1765686019.1705100296&ga_sid=1705100296&ga_hid=1664613045&ga_fc=true&ga_cid=1361826526.1705100296&dlt=1705100295222&idt=477&prev_scp=pt%3Dstory%26cid%3D5Z7CE2RVRJDJFIOSWRMII7VFEU%26position%3D1%26amznbid%3D2%26amznp%3D2&adks=3273924756&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d697ea3fb5356f1689035dff4c72208896ec8cf85009fa7e2ac5a2e15176c2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17842
x-xss-protection: 0
google-lineitem-id: 6350570526
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138461081990
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9D47
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
839 B

22ms
22ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac739e13d1b49733fe94e5c12fd737eabc9f94792b84e12b52b77a3c757cf0ea

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d268bd2c16-FRA
content-encoding: br
content-type: text/html
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcCwZVnkU0vPuyhnIxaj4jTtnIlo3pQqu19dYBEho61oex%2BDCGEmUMCb94nYKEIVATlzcjj2kakBFM%2FxFmGAQ0N4mLYZ4hDm5gT9X%2FQf8NjUFNQSRCczKj73DNUuwNAPuAM%2F6J7HG2N%2BZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d248a82c16-FRA
content-length: 0
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBgy8Nu8zBiNxqdY73kNUxitA3N3zXImYA7fLQmDb6JCA%2BYRjCA1SBT7NxwrD%2FEjc02Ird41TlQihVB%2BnT72t0LYScPQhrOckuv3Y%2FHA7pSiuVRvMMEchZy%2BolwNpeLwoebFKmu7oAuGrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame ED94
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
791 B

23ms
23ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f50c96922fcb3115da46fd6f0fd8dcd6f463db55d60a5bd7962ac30cfda554b

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d268c02c16-FRA
content-encoding: br
content-type: text/html
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBQAdxIwmVuCRkLXKDov1r88CoHZEms6RUHP0wIVRY8DUmYvemQ2EAuzVfkjJGeM7xDB0oyWUvMGj2ePFOcu0z68EGN%2FYxR9CclXomzo3RRVj2X4%2FPUulVqJKzLQ8PdpMo9YlpBGY4%2BdVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d248a92c16-FRA
content-length: 0
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7tRztyHc2JIxvWgHKZEBnee9w389p5%2BLqWIiWSoT0%2BjJc%2BiZZESqCs1%2BAwhrS2aR5rFgaGuzQbw8JzPbPyYOdYYrHJEIpCi7vtb8hDSHqF2irOfi4naUTZl995gqghyFFnpu0KRsVbU2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7E83
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
791 B

25ms
24ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c33d8450e31c71dd1a35d526dd75e77a5cf41ff93e7befc69b2f0d4410c7c6f

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d258bc2c16-FRA
content-encoding: br
content-type: text/html
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5gNwxxdu1ANzkGhzs4IAN%2BcMrfhSvfHHsSXbK%2BxGRumj4lqlK%2F809ryVxpU7V1ZLZkqp2mjGFleX%2F%2FmepW6NmJaJCPVeHQVY1Eu1fgiqwPFe3Pw0fQE4o4amqQ7edYEkYqACQ4Nd6rLwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d248a72c16-FRA
content-length: 0
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8YQ0yBy6uwH3Eirtdu7H71I%2FC%2FR4W3aoqxwZYmg%2F7Vo0jlD%2BHjJOJA9k%2FYarfeVOghsNoUbYduUu%2BYbuzfJRjd9kqZtFAfG5X4%2F5NlyMy5duCs%2FsJRAjWm%2BarX0regEZbml63xxm0O83g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 3D3C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
871 B

22ms
22ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2804798e0407de865804468798d34c70c05168d410a928a3f8ab53e68ff5279e

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d268be2c16-FRA
content-encoding: br
content-type: text/html
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=975DLLzAKKMm9QfzZcYvoBUe%2BfDbKfCskPpFHoVcAsf4DZ%2F0HU5%2BlZl2%2Bo6njWywwtH2aVDlNLs6qgAR40BNBjR5WEyMDT%2FIYiEigZlNRTaQHCW2cv7%2FYn2Uwy%2Bod5ihdKKxQuj6Wcu4Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 844900d248aa2c16-FRA
content-length: 0
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBGo91Q1SJ3Fhq2JFEM7NGTGnlffXAcWtg7ZXUNOu3%2Ff7kAVfXzdDGsNWNULboOdJ46NWl59qGUGHd6GkbwiH973RzPqAkKBZB4Jm1bQKaMG9DrXQD%2FkhJjHgufrNgSSKsQ4Ya0f%2FFrA1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 1245ms
1245ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3040706438601181&correlator=4178051580712620&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwfie%2Cweb%2Cnews%2Cindiana&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1024x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705100296038&lmt=1705100295&adxs=288&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1765686019.1705100296&ga_sid=1705100296&ga_hid=1664613045&ga_fc=true&ga_cid=1361826526.1705100296&dlt=1705100295222&idt=477&prev_scp=position%3D101%26pt%3Dstory%26cid%3D5Z7CE2RVRJDJFIOSWRMII7VFEU%26amznbid%3D2%26amznp%3D2&adks=204051294&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc3b607640a300ede0d38b1446d51328e7b20a74725525697cda1bd211e1ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11090
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E541 0
765 B 106ms
106ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
an-x-request-uuid: 0b9b8f02-f900-4c62-86ca-6a8c113070ba
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5C74 0
765 B 13ms
13ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
an-x-request-uuid: f13f969a-5dd7-468c-ab07-baef67556f9d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9D47
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

122ms
121ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TSRZZYZTS00PYTWJB37D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EFG8QZES1JZTETD38TAW
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 9D47
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=3ff546d72a52409d9a0f5668891ba711
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

472ms
15ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 235518
expires: Fri, 12 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9D47 70 B
148 B 101ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9D47
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaHECGceIg1qSUvyjIeadgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZaHECGceIg1qSUvyjIeadgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGtxt5oIum_Y8fN-1H1Syc&google_cver=1

43 B
735 B

26ms
26ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGtxt5oIum_Y8fN-1H1Syc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjc7vMExO6sOkKGWIUKIUX09H6ILAhnxyyF1ERm3Np9z95flOWVb%2B6Wge4StwPKh3%2BJllZTg%2BJ9xlccSa84S8ZDqi0wu%2Bvc60xquuGiAUy0veoyGoU8LB3PvPjMJqEtAgu%2BMf7SD3MfoNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2fd9c5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGtxt5oIum_Y8fN-1H1Syc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
r.casalemedia.com/ Frame 9D47
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&gdpr=0&gdpr_consent=

43 B
335 B

30ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVmTFMPuz3NPTED0RGp89exlJkOCYYPyQl22hIm4oIznmqBQpY0QxoxmxvmuF0vFLthS2LJslHKUxxa1EjromrU2JC7eOVtN7%2FgTpFYmLjX0gzRFxPUAVPYg2IJfedovG%2Bbq"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d46a212c16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 22:58:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52be1a08-571c-465d-8790-38473e4f79e6-65a1c408-5858&gdpr=0&gdpr_consent=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9D47
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=135bd86b-5265-48c4-bbd0-fb9bc7aa410a

43 B
734 B

33ms
33ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=135bd86b-5265-48c4-bbd0-fb9bc7aa410a
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogIzbN8mGhTeGr0AAYae70ZLUaHjMFBgTNIKf%2Frzc4fKxpkzIg10jW%2BxlvT5bCk9I8fq9BSVurBzl9T%2BXesK9ifw7xn9Z%2F1oe4iIijwYS2%2Fru4VL49IUIxfqyE0DlPr45gpGUsNWJjq3AA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d38dfb5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=135bd86b-5265-48c4-bbd0-fb9bc7aa410a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9D47
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=02d06bc6f982462e8c0019b2973d3377&expiration=1707692296

43 B
731 B

25ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=02d06bc6f982462e8c0019b2973d3377&expiration=1707692296
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF1fvsRUX1XODoP423FulB2xua0yfq8zmeiSPmivsXZgQpDEHSuvIaclDSv1lK%2FdM7eDStOWTyWU31EYXzrAVOiRAkG5p59yBOi2VcS2%2Fcjp4sWYvhtE1LdpapNfsznn16d%2BLxZZYfwnfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2dd825d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=02d06bc6f982462e8c0019b2973d3377&expiration=1707692296
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9D47
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559731974286767

43 B
733 B

21ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559731974286767
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kq9GMwNKy%2Bb6Gmo5FqBKpo2a%2Bz0TyE6fpLKf0NDX7Ep0InVDPhgxzFugRMHYGbkPs9Hgc53Eu2sZ8QrnyNYGErXL8kcVw3rDvo6Lv11pMBoz37JeM4X1a3rdlag18XjaBAX%2FV%2BPFJCDcUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d34dd05d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559731974286767
Date: Fri, 12 Jan 2024 22:58:16 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9D47 43 B
103 B 23ms
15ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZaHECByTT0JzIRClfe9JWgAA%263398
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 47694
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844900d299d3193b-FRA
content-length: 43
expires: Sat, 13 Jan 2024 22:58:16 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 3D3C
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECMrz.u9T9PHHf4CBzwAA%261105&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECMrz.u9T9PHHf4CBzwAA%261105&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d7e8725aecba4dfeb9604591d2a398e2
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

529ms
15ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219801
expires: Fri, 12 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3D3C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaHECGceIg1qSUvyjIeadgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZaHECGceIg1qSUvyjIeadgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF1AF8xL9NObjaXX-FeDNOk&google_cver=1

43 B
732 B

27ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF1AF8xL9NObjaXX-FeDNOk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJgdAuvk354cl0avSUSSFSv5b4EIg1FR%2BXtcZ8awo8vbajs39sZtlQOQCOypZKW97ZEvvOIZ%2F1FJTqjLlSsWViJSlNHDODuSf%2B1qlLquBSHPdjrklAN2oGLUWiskCW2HnojP0x2pU4QE0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2fd9a5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEF1AF8xL9NObjaXX-FeDNOk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3D3C 70 B
148 B 99ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3D3C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECMrz-u9T9PHHf4CBzwAABFEAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECMrz-u9T9PHHf4CBzwAABFEAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

120ms
120ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECMrz-u9T9PHHf4CBzwAABFEAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0GWWFK3KX0KWMGKD3TEJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M9SDBQRT7QGN9X119JTS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaHECMrz-u9T9PHHf4CBzwAABFEAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3D3C
Redirect Chain

https://trace.mediago.io/ju/cs/indexexchange
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce730df3ee9e2auafu00lrb8owzw

43 B
732 B

28ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce730df3ee9e2auafu00lrb8owzw
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4MZXvEX8FhwCGdkr7Kl5iwMUgDbBR6HurcpgDq3aw8yrlBCLFw3eqz%2BLbTnlSnI0DCGc0z2fOhVtS%2Ft1BYMOkf1SNKpm5znFyAu82V7BrV%2FVn4gADROVq3l2ONKx152BrKvbvG0vVh2VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d58f315d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=acc8ce730df3ee9e2auafu00lrb8owzw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 3D3C
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455423295431424

43 B
738 B

31ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455423295431424
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ve45l8oNPj3N7VlBiBa3vrN8Djw%2BR2zqsCbem5XdU%2FO6bYz6uCmEjBmyM%2BfyCIpArXL9Xm5%2Fcu6CpAvP1XFdODke00kqJSydqdIQW%2FijT%2FWNQeIzORLTQffyoATfvcOVgHN7%2BQ154r3sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d34dd15d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455423295431424
Date: Fri, 12 Jan 2024 22:58:16 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 3D3C 0
35 B 287ms
89ms Image
text/plain 50.16.139.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.139.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-139-245.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 3D3C 43 B
146 B 87ms
7ms Image
image/gif 18.197.244.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.244.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-244-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 3D3C 43 B
103 B 20ms
14ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZaHECMrz.u9T9PHHf4CBzwAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 47694
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844900d299d6193b-FRA
content-length: 43
expires: Sat, 13 Jan 2024 22:58:16 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 7E83
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTTUbzrRDZqzcBfV2fCmFk&google_cver=1

43 B
733 B

21ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTTUbzrRDZqzcBfV2fCmFk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otJzcgcP9tHryH%2BXc%2FIqoAOSanuB%2F4ruGIwaU8Etkvfqyh2nvxCtXyhpw7JGZOwpnQU2MXwiSpR3vz5in9eg4a%2FXkGeoSXQcvA8638koyq14Q2jILY8fPcWWyOSyWxkfPboXxS0RshaX1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2fd9b5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECTTUbzrRDZqzcBfV2fCmFk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 7E83
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECByTT0JzIRClfe9JWgAA%263398&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=fd2d937d4f574b648393e70205a77d3d
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

475ms
18ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 275355
expires: Fri, 12 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 5

GET
H2 200 ZaHECByTT0JzIRClfe9JWgAADUYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7E83 43 B
603 B 100ms
33ms Image
image/gif 2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZaHECByTT0JzIRClfe9JWgAADUYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7E83
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6454841772227527969

43 B
766 B

21ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6454841772227527969
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBcp2GxaVIbzVGThQVD924ESHJkRw78p0DQtevT3L%2F8NygBkUTZKle5b9PqcR%2BOfqgovhqtHrcr23Giitcaq69ynTzQBwkdTRympCt94jHY9aAcVRutkqYcYT5XS0xpwqXpNiur5HBwk8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2bd765d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
an-x-request-uuid: e7e1cffa-e397-493d-a9b7-a715d455c720
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6454841772227527969
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7E83
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8015212870793150717&expiration=1706309960

43 B
729 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8015212870793150717&expiration=1706309960
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOAAACDJsW1NDp3cRj9CEzyx7F44ZCgEXBLL7EBOwxVETLJVGHu4ifR6kaC975NmdJKH6qSr2Vq2QmSTH4lhPZZg8wYCZf9Pv5iJbt4M2x6YAdG34Hg8gZYAdIzoqfQyMOH80Zfok56MMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d35ddd5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8015212870793150717&expiration=1706309960
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7E83
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5e11a3c4-7b55-4485-8fed-767612f36b8b

43 B
737 B

21ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5e11a3c4-7b55-4485-8fed-767612f36b8b
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0BDbjdwdQUf0XUzbSgfGBLyHIBRAcKXc%2BcC4AUr91f0eNaH9mNo4fIh%2Bu%2FgFuUZDGRQ%2Fd4Mu2QkVZbo%2F6jhV%2BP21aIAqhJDfLWMimEcGAoupZrPCmilkW5mgJ6C%2FBSD8itqnR8ngdYrqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2dd845d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5e11a3c4-7b55-4485-8fed-767612f36b8b
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 7E83 0
125 B 82ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaHECByTT0JzIRClfe9JWgAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7E83
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZaHECByTT0JzIRClfe9JWgAA%263398
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=30876b27-d254-4ccc-a846-f13d4ae04a84

43 B
738 B

24ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=30876b27-d254-4ccc-a846-f13d4ae04a84
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIqBI5sEmBuATos3iUMG1eE4yMSTVPnSPn2FuFgYkem%2FUlLjboe%2F5d9O%2Bxn%2FWdOy3IZZjF1IzSi%2FMB%2FqmQKgTG5nlkIffTS9XRvKr9iv9p6K8TA8ohOLxCM9wKRdFPm5SxxSLZwGwSbTTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d32dc05d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=30876b27-d254-4ccc-a846-f13d4ae04a84
Date: Fri, 12 Jan 2024 22:58:16 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 7E83 43 B
103 B 20ms
16ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZaHECByTT0JzIRClfe9JWgAA%263398
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 47694
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844900d299d7193b-FRA
content-length: 43
expires: Sat, 13 Jan 2024 22:58:16 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame ED94 70 B
149 B 95ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame ED94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaHECGceIg1qSUvyjIeadgAADIoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZaHECGceIg1qSUvyjIeadgAADIoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMboGg8bX7ZCfFXzhfjiJ9g&google_cver=1

43 B
739 B

28ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMboGg8bX7ZCfFXzhfjiJ9g&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzSUlyO4Th0CSoWILPS4Xm8vsCjBXYT6l8SG%2FiVFA0kH3%2Fqn8gG%2BvX1%2FPyZ%2B2MT9NBqF2y6D3QareRzdEdWiGp5ncKemWFoWYZKpuc%2BN7Vr63WOvkvk0yyZ5cizbAw4FKaMYLj%2FXTrfQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2fd9e5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMboGg8bX7ZCfFXzhfjiJ9g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame ED94
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaHECGceIg1qSUvyjIeadgAA%263210&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaHECGceIg1qSUvyjIeadgAA%263210&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=fef8e0529bfe4305a0197f9b6bc3b995
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

474ms
17ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 273293
expires: Fri, 12 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Fri, 12 Jan 2024 22:58:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame ED94
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZaHECGceIg1qSUvyjIeadgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZaHECGceIg1qSUvyjIeadgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwlxlRyTGLjC5wS-_jF5n0&google_cver=1

43 B
736 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwlxlRyTGLjC5wS-_jF5n0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrM2UFvPk5sX%2BAWMjBTCDqRGf6GYy5zaWS%2F68RqlUK6OimNWHbKewlqfQcmlBQdaNyFOZoYR09bm3oW6JhvcJTtQop4j73oZrDIBI86RpoEWE0YLs5lJw%2F8C%2F99GApZxWZ4%2BkN7Uxz9Pag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2fd9d5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIwlxlRyTGLjC5wS-_jF5n0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame ED94
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4d61aa0d-745a-4011-85765188

43 B
532 B

34ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4d61aa0d-745a-4011-85765188
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FROXI%2BrSuG0trsV0kZvlSwSa4JQ1XkcJQQtFszKb8PCZsv%2Bc6U8k140I1dArqPXnKj5dph2q%2BpmayOy8zw2gyFGK4%2FlTCtFNlw41fqU7En0Vzj%2FiFmQvLXuSQrCv%2BKCgIVNBfE5T"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d379762c16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4d61aa0d-745a-4011-85765188
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ED94
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2984328696174152105

43 B
732 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2984328696174152105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtZrYsI756YSFc4U52V47CCR5gz51iJHa3QPof%2Fdmhyc168yWzQs%2BFt91Ni67jAXi2WWlhJWxIawJdT%2F49urEmuNvucoQhnjfsEy2Ud8NFLmefQpFoU0xMXEZ5GwEEPEmCYb3Ui7B%2FH8Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d2dd875d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2984328696174152105
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame ED94
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
736 B

20ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOTDw2YJVYu32OKk%2FW2kkQpoLIKk4DjixIJSssPwiozzK2dTjd5xvZ9fDB%2FRgg3IiFq9JJ5EcsrCoqGfIsJ%2B6q3RNZQWyWmRstmSnsedaNh6%2FDDxuuYEAUqjpu%2B1xwTPCu1Aae1FbZBf%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d4dec55d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Fri, 12 Jan 2024 22:58:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame ED94
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=3dad8a88-64bc-4155-91a8-abd08ff700e2

43 B
732 B

31ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=3dad8a88-64bc-4155-91a8-abd08ff700e2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1sW0Jwg8hsqXaQxds17tEAnDoRNit6bgNqM%2B0%2Fhv9a8PocNERHg%2FMkrxIRFwBXW60SSZGAGWY3hw6Q8rehLQ9I2peFs38UUnXhmFHs84uKhHgfPzUqygacjPNCJthWZwJc80Cf%2BcUtejw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900d38dff5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720825096&external_user_id=3dad8a88-64bc-4155-91a8-abd08ff700e2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame ED94 43 B
229 B 16ms
13ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZaHECGceIg1qSUvyjIeadgAA%263210
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.14news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 47694
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844900d299d5193b-FRA
content-length: 43
expires: Sat, 13 Jan 2024 22:58:16 GMT

GET
H2 200 flight-time Show response
gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/ 122 B
487 B 428ms
329ms XHR
application/json 104.115.82.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/flight-time?_id=d2b9ba37-f9bd-40fa-a4c4-3e1b0fcfe5e9

Requested by

Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.115.82.16 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-115-82-16.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

4d58903f2b2fcbd3dc9adbe40c77cd0d3926f9d1b96394ad957ece8edffd7a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

arc-organization: gray
date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: gzip
arc-service: api
strict-transport-security: max-age=31536000 ; preload
x-powered-by: Express
arc-context: index
arc-deployment: gray
arc-org-env: gray
arc-route: /content
arc-servername: api.gray.arcpublishing.com
arc-org-name: gray
content-length: 103
etag: W/"7a-ddL8XBPTO8yZOpvdqGyzW9uq4q8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
arc-environment: index
cache-control: max-age=30
arc-application: Content
expires: Fri, 12 Jan 2024 22:58:46 GMT

POST
H2 204 beacon
powa-ingest-prod-us-east-1.video-player.arcpublishing.com/ 0
144 B 302ms
112ms Ping
text/plain 34.204.155.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powa-ingest-prod-us-east-1.video-player.arcpublishing.com/beacon
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-173.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 22:58:16 GMT
access-control-allow-credentials: false
server: awselb/2.0
access-control-allow-headers: *
access-control-allow-methods: *

GET
H2 200 hls.min.js Show response
gray.video-player.arcpublishing.com/vendor/hls.js/0.14.17/ 235 KB
71 KB 65ms
15ms Script
application/javascript 18.238.243.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gray.video-player.arcpublishing.com/vendor/hls.js/0.14.17/hls.min.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-59.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:13 GMT
content-encoding: gzip
via: 1.1 11dfc8c750cf42e4f5f3a7296512a1f8.cloudfront.net (CloudFront)
last-modified: Wed, 01 Sep 2021 19:07:50 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 12
etag: W/"a24f5fb37dd7ea415852c047b89dbe86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: 77ghh_xsfIO0KbTZ7LQgkjR7AvOlm1u53PXg2HDzXpbHJFPHSiLL4w==

GET
H2 200 https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-12-2023%2Ft_6bbd71cfa68b4942bd4e4bcb11524f9d_name_file_1280x720_2000_v3_1_.jpg
gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 95 KB
96 KB 350ms
349ms Image
image/avif 2a02:26f0:480:c::210:f18e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-12-2023%2Ft_6bbd71cfa68b4942bd4e4bcb11524f9d_name_file_1280x720_2000_v3_1_.jpg?auth=81d3d7cfbf18d9402c06158d2d302612d00a12c2b76ffddf18d64c5cee5c23db&width=1920&height=1080&smart=true

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a157a9c961e65d38637a91ab9dfa5317d7d447e991caf9a7967e9f85db9b7da8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Fri, 12 Jan 2024 22:58:16 GMT
strict-transport-security: max-age=86400
last-modified: Tue, 12 Dec 2023 00:31:36 GMT
server: Akamai Image Manager
etag: "8aec9d696965f39ff0a0e4ce46563d2b"
x-arc-request-id: 0.4ef01002.1705100296.f6b1ccb
content-type: image/avif
cache-control: private, no-transform, max-age=31264933
server-timing: cdn-cache; desc=HIT, edge; dur=334, origin; dur=0, ak_p; desc="1705100296115_34664526_258677963_33330_7975_5_0_146";dur=1
content-length: 97421
expires: Wed, 08 Jan 2025 19:40:29 GMT

POST
H2 204 beacon
powa-ingest-prod-us-east-1.video-player.arcpublishing.com/ 0
143 B 206ms
114ms Ping
text/plain 34.204.155.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powa-ingest-prod-us-east-1.video-player.arcpublishing.com/beacon
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-173.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 22:58:16 GMT
access-control-allow-credentials: false
server: awselb/2.0
access-control-allow-headers: *
access-control-allow-methods: *

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77B9 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusgYNP48CjWoKBouVHMvRyu22-R5jGlcwSx_CNM1FdTm6FWf3A-0z6PJeYJ34tK8laySX_kkCg4neWiz1JJpIqKZOS1RRF0cC1I1-bRNlZvHuWESYtEWk_Vd8ypOzTLwPXruknxKI2DUlIeSRiouOFaLJIi-GcZG6tjuDrPvCC0OfqGpgIq3gGXfQrrrXDytOUM18zW77OmW0dsiYMBpOJ6G-p1i704P3BlXpYImYPouKQL6qkXPSW2jWbNtV3X1b4vFtpFlYElZFSfLVhkpHcggSdztOuPfNJ1Lyy4tPcorRRHJRqZDGOr6cvnPbvS3mrOFsMvfoZIrljKRBq7I-zTbmVUJ-QjIj7KKWTO9m8hwm2SsfY6WGR_s5flmWJAaatvA&sai=AMfl-YT38q9nToGOO3Cd0NhgCJpGI9ramlo4N8_TOucN02zkJqyizf2jkAZSyL4qqu_JilCQUxCaySpuWZoPgb6EpzFbobK6owk1Z2mmS7eA_8J7sjkrosbeIKKIrAYmJIuIsg0fEr_F83bV4WKx1Ned_d6_&sig=Cg0ArKJSzDef-KeppLskEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 77B9 3 KB
2 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 17:58:07 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77B9 205 KB
65 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 22:58:16 GMT

GET
H2 200 9038104955517209423
tpc.googlesyndication.com/simgad/ Frame 77B9 71 KB
71 KB 28ms
8ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9038104955517209423

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57ab771b823835b5ac06e652658012751b8fcb7ae801cc44889b8b5e500f4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 05:28:24 GMT
date: Fri, 12 Jan 2024 05:28:24 GMT
x-content-type-options: nosniff
age: 62992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72491
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 21:01:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 77B9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 979a4488476df65bbb13f7d321ac8bdd35cafd9776e677aee331a75bebe35f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 77B9 0
0 59ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0eDTV_TNgbuVYtj6aD-g-p3OE6QCmPW2W-lYMCOrdwGvDy9o_8z37eBLAZxX4kA4lrdpijTTnNht6Vjzdkdo1NB1DxgOfNBEltzzw6UW691pVoz_609v5mXSxlSaTUv_3hw7rcbczSEVpa95sUHNmiWC77tlSzQscztIvWj5maNJpame70MyCDQUfUpM7YrLL0eRscQwMEncfaxFnumvRPJ4kcFYopBHdJtRRv2uOsy-QS3Qk8jPuQYOEpHt-jO0EPeGztQDx6Cjx9YeKWASRyDTLDdEw379DKBFwp2Zze35Hu0-2zgiImKZQflMD2TA8McyQFrfqQnOrJlz4HLmahWVU_HSUUUK76Rb9Z3AUh_ZF3WqBU5gs-R7LaOxDmGxdhrz5&sai=AMfl-YSX_HKiv445Cj9m3HbP8htfeBlVm6S_XgIwQNty6dj-AibnGL1SZXga1tgCtCjgczmhdVdBSR9WY6H3-6S5sIFW-olT4qZpnymfuh9dAJtpCGlsTqGMTlnMvjvUsx3YorPeHOyeXxQ4EU1i4LW2J16i&sig=Cg0ArKJSzMAuufZ4LZq6EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 22:58:16 GMT

GET
H2 200 video-reel.js Show response
cdn.taboola.com/ui-ab-tests/video-reel/ 34 KB
11 KB 9ms
8ms Script
application/x-javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af387702f874418048fe17d5682589c1a68b4ab7011f27c71b77e3abad578d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: HLSK0dS48PxYEmL.HU1u5b2vrm.jVxcP
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: MP5RT8E3Z6390F40
age: 9964
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 10525
x-amz-id-2: yKJ+Gk0AzztRde+l8X2UqOcqvhOsNXxZOs4Rjz++rpzUWHggxlElzxcxqK9DSexDC0ApW8ZGNX0=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Wed, 10 Jan 2024 12:09:30 GMT
server: AmazonS3
x-timer: S1705100297.520090,VS0,VE0
etag: "87634f85cacb54a93f4bf017bbfed127"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 30
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1078

GET
H2 200 video-reel.css
cdn.taboola.com/ui-ab-tests/video-reel/ 12 KB
3 KB 8ms
8ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4898194e21038f32b77d621e873217a3e2d330231b652b55821aaaa9b5dfa9a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: WobMGt7uKvSe3xfEqj.fLsKUAKasiMMc
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: BY8EKMXTNQ2GMT5Y
age: 10127
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2567
x-amz-id-2: C0Ct0XIfv9ouFweDAHaae27fhExZYfZBM8Meh0cw2nDkp30V2/F/g4hJjdV70/ifnchD41N2weU=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Wed, 10 Jan 2024 12:09:28 GMT
server: AmazonS3
x-timer: S1705100297.520152,VS0,VE0
etag: "669227a2548ba02df533c13e7108a184"
vary: Accept-Encoding
content-type: text/css
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1097

GET
H2 200 UnitRecoReelWidgetDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.7.5/ 121 KB
34 KB 25ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitRecoReelWidgetDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1e2f8324ff598954b87892626060523b886af0898c423dd7fb9ae0c639d9841

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 1062789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34453
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Sun, 31 Dec 2023 10:01:09 GMT
server: AmazonS3
x-timer: S1705100297.551439,VS0,VE0
etag: "fb7b995c6bd770ad0ebe701945480c24"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xS8e5OsXvSmjflogoSUsqQduEa4J3Tt6iQLwvdxMOB_ms1OMtrzAtQ==
x-cache-hits: 8

GET
H2 200 userx.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 10ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bebbe726fdc492f9d090ca609389f1e862382a8851bb6b6b6af7c3d88cff81d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: D9.D.igtS8HVGe514SZD55mQ5_To1K9D
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: H3GAFW77KVGX6835
age: 113813
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5540
x-amz-id-2: GyXp9P0akqLCywx75cTIvkmqnKHZAzVrTfflDBuh+ulNmEBdgaGAQm1mn3P2RNH+PM7sMD632N0=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:21:24 GMT
server: AmazonS3
x-timer: S1705100297.535644,VS0,VE0
etag: "83236cf8bd76aeb60b2cda15a5428a9c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 45370

GET
H2 200 distance-from-article.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 9ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f652d0e25c390489c96f8b617fcf6a3b188f3b5206c0e932133750dfe03df7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 0lWm.sDPzqH73CA2.lq4ilpynHQWpC.Y
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: G9G4A7133G4ZYYDS
age: 113753
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: 0FP7s6givwhQGH7WLwN5ZXc/FmvSmJmG2/YmgmJvHizK6uW9uzWS6KLyozVS3sZ9+sNkExEQuQ8=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:22:24 GMT
server: AmazonS3
x-timer: S1705100297.535612,VS0,VE0
etag: "8c6f2a7a4b0bf35941ddf64bd153e9b8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 192741

GET
H2 200 article-detection.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 12ms
10ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2da5a1fe73da03c84740a19a250300cbff20089410277a792ddfc933e3c421fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: kLFz7GcoVhxvpWh4VUY9TeJN154E_M79
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: CBJXRRR6BV1NMP2D
age: 113740
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: Xha7LmPc4Jon95pZ3ErGhITig5h09bHopIMERh5qip3gPIgH0AG8yYNEfF/kqVbGVIlK9BjFkpI=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:22:36 GMT
server: AmazonS3
x-timer: S1705100297.536030,VS0,VE0
etag: "47943bb07c037f18e98542d0f7eb67cf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 192497

GET
H2 200 article-and-feed-area-scanner.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 11ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dd57557b7773be094255e161c41e14eb9b4f53563dbd3ab8f44f6dd7bc549ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 2QJzWh84WehOh3m3d3jLlJA9SZvRe0oK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: XMW8YX992H97EK9F
age: 113736
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1148
x-amz-id-2: /OZUXtW4OcY33U2dcj3shGsz2MZxBPoaVOt5Q/BKYgUWdk3YTGBDyYcWhTI8RNK3wA8q1tvw4ew=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:22:40 GMT
server: AmazonS3
x-timer: S1705100297.535962,VS0,VE0
etag: "22a9f919d76ad983e8c311d0d8f6f024"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 72886

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.7.5/ 121 KB
34 KB 25ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 1083110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34238
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Sun, 31 Dec 2023 10:01:09 GMT
server: AmazonS3
x-timer: S1705100297.551583,VS0,VE0
etag: "cf9f8c79c74a3093183012fb770abf82"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: vlSrrwuWG6AsTzV7KsViTku81sswjDfAxWS_YBw1JyB0jcrtPyODsg==
x-cache-hits: 132558

GET
H2 200 feed-card-placeholder.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 9ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29c0f1f13d1583fa6e79adbc995ddcfdd1acf1acc7a5be303876a09c4ec3ac28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: FlM7Jj4V_ePMO1JGeuiNzZCV1VixHHEX
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: 566MAR01MK76XVXC
age: 113763
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: h/XtY6ViBDinIn/rvPbTPmD+BYeQtKmeVvnc/ZFX17xkb6cFb+UDi6ygYJTu115YDEHjL6W6MNc=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:22:13 GMT
server: AmazonS3
x-timer: S1705100297.535956,VS0,VE0
etag: "19ff19bbca63c4b5ea973437e7d63711"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 95
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 185437

GET
H2 200 explore-more.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 6ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2739074c737b8b5527d9f341f0d4e68b749cacce9a2968635068aa1968316e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: mGHl6ztOcU_mD2bDHbuzQH6RUT1SAoUG
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: B4QXFPMNJCD0ZMK5
age: 113760
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7707
x-amz-id-2: Dmugc7oT/KkX8dZId5JgzwLlKJblAm1LhQCXtwO9XBffKWIiMD2v+OGpSZsHRVvE1RNXzbUiq5Q=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:22:17 GMT
server: AmazonS3
x-timer: S1705100297.549406,VS0,VE0
etag: "7fb7ac3637454d755af16c09b3cd8d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 82724

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 578ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1705100296521%7D&tim=23%3A58%3A16.521&id=8059&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-14news/log/3/ 0
231 B 572ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/supply-feature?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A58%3A16.545&id=8483&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 6ms
6ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: Y1PG8J215N22T8P1
age: 117
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1705100297.570252,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 28
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 77

GET
H2 204 social
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 559ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/social?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say%22%2C%22sec%22%3A%22Indiana%20News%22%2C%22aut%22%3A%5B%22Jill%20Lyman%22%5D%2C%22img%22%3A%22https%3A%2F%2Fgray-wfie-prod.cdn.arcpublishing.com%2Fresizer%2Fv2%2FZNXXZHRIXJCIZAMTJISGOIPLOA.jpg%3Fauth%3Dbf760af48f96c114d3071166adeddbb45ea3344ba3baac6b8ebf950d652fff06%26width%3D1200%26height%3D600%26smart%3Dtrue%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=23%3A58%3A16.579&id=7312&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 543ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1705100296594%7D&tim=23%3A58%3A16.594&id=5662&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 536ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1705100296602%7D&tim=23%3A58%3A16.602&id=3556&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 JX63ZLILDJBPXLHBYLLDCD2UXA.JPG%3Fauth%3D65aea3db7c3201d2b322e4510d5650734518a234e104b066661117d1eb7d10eb%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 15 KB
16 KB 12ms
11ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JX63ZLILDJBPXLHBYLLDCD2UXA.JPG%3Fauth%3D65aea3db7c3201d2b322e4510d5650734518a234e104b066661117d1eb7d10eb%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81448e1799ba21957b6b575d12c098850d466f11b85aa83c0a9e2e7fd9cd9227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JX63ZLILDJBPXLHBYLLDCD2UXA.JPG%3Fauth%3D65aea3db7c3201d2b322e4510d5650734518a234e104b066661117d1eb7d10eb%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 408483
edge-cache-tag: 498803279118225770281020948632678485012,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 498803279118225770281020948632678485012,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 652
req-referer: https://www.14news.com/
content-length: 15434
x-request-id: 6f425f7125f92de1bcec8f69888908a1
x-served-by: cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100151-IAD, cache-lga21949-LGA, cache-iad-kjyo7100042-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 08 Jan 2024 05:20:10 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=39242,owidth=1200,oheight=600,obytes=38909,ef=(1,13,17,23,30)
x-timer: S1705100297.613350,VS0,VE2
etag: "8af9ce716caeb928d276c650bbbfba28"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 44, 1

GET
H2 200 JREEIITIJVCPTGTCHTJR2RGCFY.JPG%3Fauth%3Dfb7761867a3f41eaeee3f2e87ddea263e5959e66aa4543a23111e2ed4f3233ed%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 14 KB
15 KB 10ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JREEIITIJVCPTGTCHTJR2RGCFY.JPG%3Fauth%3Dfb7761867a3f41eaeee3f2e87ddea263e5959e66aa4543a23111e2ed4f3233ed%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ee29092e383c12ba4df6c360743cb8c2e76213b44b872a067153fc47b6a8b5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JREEIITIJVCPTGTCHTJR2RGCFY.JPG%3Fauth%3Dfb7761867a3f41eaeee3f2e87ddea263e5959e66aa4543a23111e2ed4f3233ed%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 188706
edge-cache-tag: 314640332158104332090337749396844960036,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 314640332158104332090337749396844960036,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 780
req-referer: https://www.14news.com/
content-length: 14556
x-request-id: 8a720dd08edbfd0786c039a71e0c43e3
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kiad7000102-IAD, cache-lax-kwhp1940091-LAX, cache-iad-kcgs7200084-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 10 Jan 2024 18:22:50 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=32466,owidth=1200,oheight=600,obytes=35528,ef=(1,13,17,23,30)
x-timer: S1705100297.613396,VS0,VE1
etag: "9393e7dc6fc198103d68672a8227f0de"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 10, 1

GET
H2 200 6KJI7LS4PVDVVIB7QIOSE5CYYA.png%3Fauth%3D29ca8bba15f7f06162e14758b664ae980701d48ad15d6cfd22da9c4cad914f88%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 37 KB
38 KB 13ms
12ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/6KJI7LS4PVDVVIB7QIOSE5CYYA.png%3Fauth%3D29ca8bba15f7f06162e14758b664ae980701d48ad15d6cfd22da9c4cad914f88%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f11a4507af103eaad21fc2dc0e52aed1f366af694eb48e54590f10880b79adca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/6KJI7LS4PVDVVIB7QIOSE5CYYA.png%3Fauth%3D29ca8bba15f7f06162e14758b664ae980701d48ad15d6cfd22da9c4cad914f88%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 988549
edge-cache-tag: 442514052666598626936214881242610019120,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 442514052666598626936214881242610019120,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 704
req-referer: https://www.14news.com/
content-length: 37684
x-request-id: 1dee537846ecfdd8e2703e86d15d74a3
x-served-by: cache-iad-kcgs7200038-IAD, cache-iad-kiad7000167-IAD, cache-lax-kwhp1940088-LAX, cache-iad-kiad7000119-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 01 Jan 2024 11:45:26 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=61630,owidth=1200,oheight=600,obytes=77326,ef=(1,13,17,23,30)
x-timer: S1705100297.613399,VS0,VE2
etag: "799fd46c91263bdedbeb13434f1bb9cd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 175, 1

GET
H2 200 MNYQMVZIQNCQJPMNRGIQ5UWWKQ.jpg%3Fauth%3De634da7d523d44a6b6d1131b37d9ed844d1b20d2914bf02ab4023973b4ff3780%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 18 KB
19 KB 9ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/MNYQMVZIQNCQJPMNRGIQ5UWWKQ.jpg%3Fauth%3De634da7d523d44a6b6d1131b37d9ed844d1b20d2914bf02ab4023973b4ff3780%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b2e3942e3500c077fd124f2c39247ee18233993ad858854b27043f15ffdffd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/MNYQMVZIQNCQJPMNRGIQ5UWWKQ.jpg%3Fauth%3De634da7d523d44a6b6d1131b37d9ed844d1b20d2914bf02ab4023973b4ff3780%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 691799
edge-cache-tag: 569236858618520281652625350254109629624,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 569236858618520281652625350254109629624,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 703
req-referer: https://www.14news.com/
content-length: 18642
x-request-id: 34c83231582fd1ecb109b86dcdec74ca
x-served-by: cache-iad-kjyo7100138-IAD, cache-iad-kjyo7100156-IAD, cache-lax-kwhp1940077-LAX, cache-iad-kiad7000098-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 15 Dec 2023 01:31:06 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=51416,owidth=1200,oheight=600,obytes=44415,ef=(1,13,17,23,30)
x-timer: S1705100297.613372,VS0,VE1
etag: "8540bbcacf8eda00ff8cc2addbcb3033"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 62, 1

GET
H2 200 8704da5b6ea12b6cba383bca7ceee78b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 10ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8704da5b6ea12b6cba383bca7ceee78b.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8906e30acdf2d0f372ad90a825ed3510a113b3f51b5e5e2ac7f74ad7d8ba1bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8704da5b6ea12b6cba383bca7ceee78b.jpeg
age: 1910853
edge-cache-tag: 583336925285045625114331284941456496016,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 583336925285045625114331284941456496016,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Sun, 15 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://wanderfreude.eu/
content-length: 19698
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000083-IAD, cache-iad-kjyo7100153-IAD, cache-fra-etou8220093-FRA
last-modified: Thu, 14 Sep 2023 12:56:29 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=54822,owidth=1500,oheight=1000,obytes=292884
x-timer: S1705100297.613346,VS0,VE1
etag: "81baffbe84a6c62b0b5b71f2bb2cd893"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4, 1

GET
H2 200 9ef4660844c0d71526ea6f3bcf1c7190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 14ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9ef4660844c0d71526ea6f3bcf1c7190.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57ecaf05136b87abab16fa79584af9d61d06e003476b8d16a02701179afd8b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9ef4660844c0d71526ea6f3bcf1c7190.jpg
age: 259095
edge-cache-tag: 367722470797545855738463288781679575637,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 367722470797545855738463288781679575637,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 130
req-referer: https://rp-online.de/
content-length: 36630
x-request-id: f337938ce25e8ee607f817e9ddf0deb3
x-served-by: cache-iad-kiad7000045-IAD, cache-iad-kcgs7200155-IAD, cache-lga21956-LGA, cache-iad-kjyo7100161-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 08 Jan 2024 15:57:25 GMT
server: nginx
surrogate-reporting: width=1067,height=592,bytes=129539,owidth=1067,oheight=600,obytes=228486,ef=(1,13,17,23,30)
x-timer: S1705100297.627464,VS0,VE2
etag: "7a32db96c5361e6798e7fc9f7a8e66f4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 f0e578e117cc02990a077c6c92d40b26.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 13ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0e578e117cc02990a077c6c92d40b26.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d492cd8e8226a63203ba8928c6420d77ce7250128a9d18c90a280cb281a96e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0e578e117cc02990a077c6c92d40b26.jpeg
age: 707933
edge-cache-tag: 301431246531348803347100082810889694782,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 301431246531348803347100082810889694782,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 405
req-referer: https://es.besoccer.com/
content-length: 11506
x-request-id: d2c77007cddd0f081f68407fad23c7f4
x-served-by: cache-iad-kcgs7200149-IAD, cache-iad-kjyo7100130-IAD, cache-lga21982-LGA, cache-iad-kcgs7200050-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 03 Jan 2024 11:50:27 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=19761,owidth=1500,oheight=1000,obytes=750828,ef=(1,13,17,23,30)
x-timer: S1705100297.627427,VS0,VE1
etag: "fe5af847c0a274394677016d9cc9b92e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 19, 1

GET
H2 200 4f312b1665d62820f6a461cde930ee89.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 10ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f312b1665d62820f6a461cde930ee89.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e74f6e99eee62860105ac1405237d857d04fd4670b94b61025895d8a36a88ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f312b1665d62820f6a461cde930ee89.jpg
age: 794469
edge-cache-tag: 494244598695465854741434300270198148595,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 494244598695465854741434300270198148595,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 564
req-referer: https://www.heraldo.es/
content-length: 6026
x-request-id: 5544bab6000f8dc7fdc7557da0df7b1a
x-served-by: cache-iad-kjyo7100039-IAD, cache-iad-kiad7000125-IAD, cache-lax-kwhp1940070-LAX, cache-iad-kcgs7200050-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 03 Jan 2024 12:01:45 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=11533,owidth=1456,oheight=816,obytes=166108,ef=(1,13,17,23,30)
x-timer: S1705100297.627353,VS0,VE1
etag: "40f84ca4309804801c1ac302aac042fd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 10, 1

GET
H2 200 82a52c460baaf21ab89d75912c158aec.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 12ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82a52c460baaf21ab89d75912c158aec.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64bc151d9102351bcba4ed0218f66b9c5d17746610c09c0823261b992e69c665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82a52c460baaf21ab89d75912c158aec.jpeg
age: 2420310
edge-cache-tag: 408262680754754236933625723761075701479,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 408262680754754236933625723761075701479,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 510
req-referer: https://www.t-online.de/
content-length: 7620
x-request-id: ba2c66a2147bc689028431a357cd3197
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200178-IAD, cache-lga21955-LGA, cache-iad-kjyo7100066-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 13 Dec 2023 09:16:03 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=10814,owidth=1600,oheight=1202,obytes=135583,ef=(1,13,17,23,30)
x-timer: S1705100297.627684,VS0,VE1
etag: "2e81b3dd58e9499ff18cb0335649b4de"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 85c4772c-d453-4fbe-8b48-105bbea3bf6f__eBY8g0ka.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 12 KB
13 KB 7ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/85c4772c-d453-4fbe-8b48-105bbea3bf6f__eBY8g0ka.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e5675452dc9ac36e7b2594cc44e5b30079928c22c1762c91317fefeff2430b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/85c4772c-d453-4fbe-8b48-105bbea3bf6f__eBY8g0ka.jpg
age: 3254948
edge-cache-tag: 386434415599045560634927743343224129133,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 386434415599045560634927743343224129133,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 510
req-referer: https://www.augsburger-allgemeine.de/
content-length: 12778
x-request-id: 32e55dca6b73bb46cd17f972c36ec261
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kcgs7200152-IAD, cache-chi-kigq8000071-CHI, cache-iad-kjyo7100081-IAD, cache-fra-etou8220093-FRA
last-modified: Thu, 02 Nov 2023 12:52:37 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=25046,owidth=1999,oheight=1309,obytes=131879
x-timer: S1705100297.627719,VS0,VE0
etag: "9dada817d7cae35ae4caa0a9b5d01d24"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

GET
H2 200 20ca3920796705f4e953bd5014720ea9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 9ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ca3920796705f4e953bd5014720ea9.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b37241932f01d06d8f1577adc7ab648c59a42b1a933d8c72c4f5f0156bacd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20ca3920796705f4e953bd5014720ea9.jpg
age: 2546741
edge-cache-tag: 302935950058188571201508857327343714482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 302935950058188571201508857327343714482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 109
expiration: expiry-date="Wed, 27 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kktv.com/
content-length: 31718
x-served-by: cache-iad-kcgs7200028-IAD, cache-iad-kcgs7200142-IAD, cache-lga21939-LGA, cache-iad-kiad7000031-IAD, cache-fra-etou8220093-FRA
last-modified: Sun, 26 Nov 2023 22:52:46 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=89434,owidth=1200,oheight=634,obytes=142427
x-timer: S1705100297.638150,VS0,VE1
etag: "a21b9c24725f7a30a8d2163defaf25a8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 11063, 1

GET
H2 200 c2ecb2ff8a3a224c21f0843496721d7c.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 10ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c2ecb2ff8a3a224c21f0843496721d7c.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed866634ca1ce554406640138794d122b9d20cdf8890e0eab112deb400be2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c2ecb2ff8a3a224c21f0843496721d7c.jpeg
age: 454454
edge-cache-tag: 379703823523522206248249204285821017327,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 379703823523522206248249204285821017327,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 608
req-referer: https://www.mjam.eu/
content-length: 9016
x-request-id: e0731c398517e65b3438366f5f286cab
x-served-by: cache-iad-kcgs7200037-IAD, cache-iad-kiad7000166-IAD, cache-lga21930-LGA, cache-iad-kiad7000067-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 05 Jan 2024 13:55:28 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=18451,owidth=1500,oheight=1000,obytes=349873,ef=(1,13,17,23,30)
x-timer: S1705100297.638150,VS0,VE2
etag: "0b9f1583ec70fc54553ba0cc469ee62e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 7836b95ef1e2bb8d2797aeffe4c75f9a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 11ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7836b95ef1e2bb8d2797aeffe4c75f9a.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cce7b0ac94a9c695151595eee7fc6e0fd0e23428c4502fe071fa4a754e175f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7836b95ef1e2bb8d2797aeffe4c75f9a.jpeg
age: 5055841
edge-cache-tag: 604216802595112336034486751822763373024,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 604216802595112336034486751822763373024,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 999
req-referer: https://happyhunde.de/
content-length: 16716
x-request-id: bdf3f131b3722ea5d8cd029aa9d729f5
x-served-by: cache-iad-kiad7000094-IAD, cache-iad-kiad7000089-IAD, cache-lax10651-LGB, cache-iad-kiad7000154-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 19 Sep 2023 12:07:53 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=21421,owidth=1500,oheight=1000,obytes=812238
x-timer: S1705100297.638494,VS0,VE3
etag: "729272aa9da2d08d50a4993817456994"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 fdc8b0c50a0c16c6494fc0367d352ea6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 9ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdc8b0c50a0c16c6494fc0367d352ea6.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71ebee5042ab8da799a8fd3468d18df2e9569760f2c96f7d95702839e8c85d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdc8b0c50a0c16c6494fc0367d352ea6.jpeg
age: 598386
edge-cache-tag: 577641646585068870651811615609600417664,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 577641646585068870651811615609600417664,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 696
req-referer: https://www.hoerzu.de/
content-length: 15298
x-request-id: bda8a3d3c6ae827f848740fcba76f546
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000179-IAD, cache-ewr18174-EWR, cache-iad-kjyo7100087-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 05 Jan 2024 15:06:28 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=24618,owidth=1500,oheight=1000,obytes=755231,ef=(1,13,17,23,30)
x-timer: S1705100297.638482,VS0,VE2
etag: "dfb4422f065f1f5db5584063eaa7886d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 JX63ZLILDJBPXLHBYLLDCD2UXA.JPG%3Fauth%3D65aea3db7c3201d2b322e4510d5650734518a234e104b066661117d1eb7d10eb%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 16 KB
17 KB 98ms
98ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JX63ZLILDJBPXLHBYLLDCD2UXA.JPG%3Fauth%3D65aea3db7c3201d2b322e4510d5650734518a234e104b066661117d1eb7d10eb%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ada7c9cafcf80d56e351d84b84b549d7b497b41f857360545cc21106192a2f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JX63ZLILDJBPXLHBYLLDCD2UXA.JPG%3Fauth%3D65aea3db7c3201d2b322e4510d5650734518a234e104b066661117d1eb7d10eb%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 233841
edge-cache-tag: 498803279118225770281020948632678485012,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 498803279118225770281020948632678485012,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 189
req-referer: https://www.14news.com/
content-length: 16406
x-request-id: d37a4a2b62057a938aa6a1d7c4feefd9
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kiad7000036-IAD, cache-ewr18142-EWR, cache-iad-kjyo7100107-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 08 Jan 2024 05:20:10 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=39298,owidth=1200,oheight=600,obytes=38909,ef=(1,13,17,23,30)
x-timer: S1705100297.638459,VS0,VE92
etag: "1a7a75c7528dbbf45338ed7fc72811df"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 4, 0

GET
H2 200 JREEIITIJVCPTGTCHTJR2RGCFY.JPG%3Fauth%3Dfb7761867a3f41eaeee3f2e87ddea263e5959e66aa4543a23111e2ed4f3233ed%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 15 KB
16 KB 96ms
96ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JREEIITIJVCPTGTCHTJR2RGCFY.JPG%3Fauth%3Dfb7761867a3f41eaeee3f2e87ddea263e5959e66aa4543a23111e2ed4f3233ed%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 213e664e7b96f91a8650c3e51d4f4619ba80cd86c55b16fab43d5e1678cab070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/JREEIITIJVCPTGTCHTJR2RGCFY.JPG%3Fauth%3Dfb7761867a3f41eaeee3f2e87ddea263e5959e66aa4543a23111e2ed4f3233ed%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 188381
edge-cache-tag: 314640332158104332090337749396844960036,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 314640332158104332090337749396844960036,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 330
req-referer: https://www.14news.com/
content-length: 15576
x-request-id: fd068e8b3a54caa42fcdf2e03100bf5c
x-served-by: cache-iad-kiad7000032-IAD, cache-iad-kjyo7100103-IAD, cache-lax-kwhp1940064-LAX, cache-iad-kjyo7100026-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 10 Jan 2024 18:22:50 GMT
server: nginx
surrogate-reporting: width=1200,height=600,bytes=26693,owidth=1200,oheight=600,obytes=35528,ef=(1,13,17,23,30)
x-timer: S1705100297.646517,VS0,VE90
etag: "7a0f427aa2adc0cf1e5a21be2e3db337"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4, 0

GET
H2 200 6KJI7LS4PVDVVIB7QIOSE5CYYA.png%3Fauth%3D29ca8bba15f7f06162e14758b664ae980701d48ad15d6cfd22da9c4cad914f88%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 40 KB
41 KB 103ms
102ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/6KJI7LS4PVDVVIB7QIOSE5CYYA.png%3Fauth%3D29ca8bba15f7f06162e14758b664ae980701d48ad15d6cfd22da9c4cad914f88%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ceafc88969c3ce51e246e5ccc956c874a76729ee0f2757dd474a45a4e36a583e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/6KJI7LS4PVDVVIB7QIOSE5CYYA.png%3Fauth%3D29ca8bba15f7f06162e14758b664ae980701d48ad15d6cfd22da9c4cad914f88%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 293114
edge-cache-tag: 442514052666598626936214881242610019120,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 442514052666598626936214881242610019120,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 282
req-referer: https://www.14news.com/
content-length: 41440
x-request-id: 226d31d370c64e6899d3d12f3e4dcd09
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kcgs7200041-IAD, cache-lga21933-LGA, cache-iad-kcgs7200152-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 01 Jan 2024 11:45:26 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=67469,owidth=1200,oheight=600,obytes=77326,ef=(1,13,17,23,30)
x-timer: S1705100297.649476,VS0,VE95
etag: "ef7872259a15a907484d39416bac502e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1, 0

GET
H2 200 MNYQMVZIQNCQJPMNRGIQ5UWWKQ.jpg%3Fauth%3De634da7d523d44a6b6d1131b37d9ed844d1b20d2914bf02ab4023973b4ff3780%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 19 KB
20 KB 97ms
96ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/MNYQMVZIQNCQJPMNRGIQ5UWWKQ.jpg%3Fauth%3De634da7d523d44a6b6d1131b37d9ed844d1b20d2914bf02ab4023973b4ff3780%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e30e037d864c8a2bc7e75eb1cdf90efa59898cedd3ffe018359f723abbc726e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/MNYQMVZIQNCQJPMNRGIQ5UWWKQ.jpg%3Fauth%3De634da7d523d44a6b6d1131b37d9ed844d1b20d2914bf02ab4023973b4ff3780%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 287494
edge-cache-tag: 569236858618520281652625350254109629624,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
cache-tag: 569236858618520281652625350254109629624,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 202
expiration: expiry-date="Sat, 03 Feb 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.14news.com/
content-length: 19498
x-served-by: cache-iad-kiad7000076-IAD, cache-iad-kcgs7200099-IAD, cache-lax-kwhp1940049-LAX, cache-iad-kiad7000116-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 03 Jan 2024 13:09:44 GMT
server: nginx
surrogate-reporting: width=1260,height=630,bytes=54251,owidth=1200,oheight=600,obytes=44415,ef=(1,13,17,23,30)
x-timer: S1705100297.649451,VS0,VE90
etag: "73594ca1cc8915bf4ba2c7f58087ad2c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2, 0

GET
H2 200 SNC5TRSMNJCR5MJMOOEMS4Z5HA.png%3Fauth%3D5c909550661684fef4396a336553831a35af1fe0d3cce274879cf4e23a24675a%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 8 KB
9 KB 433ms
433ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/SNC5TRSMNJCR5MJMOOEMS4Z5HA.png%3Fauth%3D5c909550661684fef4396a336553831a35af1fe0d3cce274879cf4e23a24675a%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd7f466942fd97a4045711374f787d5ae4d8dcd165ecffdac19529062fbd4aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 427
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/SNC5TRSMNJCR5MJMOOEMS4Z5HA.png%3Fauth%3D5c909550661684fef4396a336553831a35af1fe0d3cce274879cf4e23a24675a%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 0
edge-cache-tag: 349993179135800272566579204324467017938,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349993179135800272566579204324467017938,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 276
expiration: expiry-date="Thu, 08 Feb 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.14news.com/
content-length: 8310
x-served-by: cache-iad-kjyo7100102-IAD, cache-iad-kcgs7200141-IAD, cache-lax-kwhp1940102-LAX, cache-iad-kiad7000116-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 08 Jan 2024 20:57:30 GMT
server: nginx
surrogate-reporting: width=660,height=330,bytes=16802,owidth=1200,oheight=600,obytes=41265,ef=(1,13,17,23,30)
x-timer: S1705100297.649610,VS0,VE427
etag: "4248748344c17a2c80c2a86bfebcd7bc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 8704da5b6ea12b6cba383bca7ceee78b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
33 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8704da5b6ea12b6cba383bca7ceee78b.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1065b76f8f508503c61f9af005835fb71d52355c5f2c77e2946f417abdaa2c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8704da5b6ea12b6cba383bca7ceee78b.jpeg
age: 3167143
edge-cache-tag: 583336925285045625114331284941456496016,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 583336925285045625114331284941456496016,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 347
req-referer: https://www.tag24.de/sport/fussball/spielabbruch-in-sachsen-bienen-greifen-fussballer-an-2862039
content-length: 33074
x-request-id: d110f5bbfe192c82072f2638e908bfa0
x-served-by: cache-iad-kiad7000137-IAD, cache-iad-kiad7000086-IAD, cache-lga21952-LGA, cache-iad-kiad7000047-IAD, cache-fra-etou8220093-FRA
last-modified: Thu, 18 May 2023 22:31:24 GMT
server: nginx
x-timer: S1705100297.737996,VS0,VE1
etag: "dfffa3630c3accb1e2c6bf8c1ca1fd46"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 0, 1

GET
H2 200 9ef4660844c0d71526ea6f3bcf1c7190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 76 KB
77 KB 6ms
6ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9ef4660844c0d71526ea6f3bcf1c7190.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 270fd5070205fc001946f3476d38f8914b25f76e088c54fe89bae0934ea86560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9ef4660844c0d71526ea6f3bcf1c7190.jpg
age: 259095
edge-cache-tag: 367722470797545855738463288781679575637,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 367722470797545855738463288781679575637,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 412
req-referer: https://www.t-online.de/
content-length: 77578
x-request-id: f337938ce25e8ee607f817e9ddf0deb3
x-served-by: cache-iad-kiad7000045-IAD, cache-iad-kcgs7200155-IAD, cache-lga21920-LGA, cache-iad-kiad7000069-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 08 Jan 2024 15:57:25 GMT
server: nginx
surrogate-reporting: width=1067,height=592,bytes=129539,owidth=1067,oheight=600,obytes=228486,ef=(1,13,17,23,30)
x-timer: S1705100297.743673,VS0,VE0
etag: "7a32db96c5361e6798e7fc9f7a8e66f4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 2

GET
H2 200 YNO5C3H4R5DJBBJFSSVV547XAI.jpg%3Fauth%3D99da5c6989ff7502d8f13e9e27e354dea4034908432f550c69bbaa34bfe49370%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 12 KB
13 KB 97ms
96ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/YNO5C3H4R5DJBBJFSSVV547XAI.jpg%3Fauth%3D99da5c6989ff7502d8f13e9e27e354dea4034908432f550c69bbaa34bfe49370%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc30930dda0f7336328eb4208d0ee73e77566ff45a683789ba7c5a894ebb76c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/YNO5C3H4R5DJBBJFSSVV547XAI.jpg%3Fauth%3D99da5c6989ff7502d8f13e9e27e354dea4034908432f550c69bbaa34bfe49370%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 790193
edge-cache-tag: 372861709335879520394173608537973131913,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 372861709335879520394173608537973131913,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 238
req-referer: https://www.14news.com/
content-length: 12488
x-request-id: ef4e24d30d31ebf422efe4c49831545d
x-served-by: cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100121-IAD, cache-lax-kwhp1940031-LAX, cache-iad-kcgs7200128-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 29 Dec 2023 10:22:52 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=21554,owidth=1200,oheight=600,obytes=58602,ef=(1,13,17,23,30)
x-timer: S1705100297.747616,VS0,VE90
etag: "4aaeaa4426e6cafdcdf8ab76c8384806"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 139, 0

GET
H2 200 3SLLP4MLH5EI7FZGXQHHYIMFKE.JPG%3Fauth%3Ded252ff70547e8d241be405cd369a94db530e88c4c9497a85ddac198c68e4e22%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 15 KB
16 KB 93ms
93ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3SLLP4MLH5EI7FZGXQHHYIMFKE.JPG%3Fauth%3Ded252ff70547e8d241be405cd369a94db530e88c4c9497a85ddac198c68e4e22%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e95f4e8b7b843145c1837465f4039c8bf4a245fdf260c531bc4d18a2e49ea172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3SLLP4MLH5EI7FZGXQHHYIMFKE.JPG%3Fauth%3Ded252ff70547e8d241be405cd369a94db530e88c4c9497a85ddac198c68e4e22%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 10713
edge-cache-tag: 394951746937266919051529415495156705073,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 394951746937266919051529415495156705073,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 465
req-referer: https://www.14news.com/
content-length: 15358
x-request-id: 82eefe81000b30655b9a5283079babb8
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kcgs7200154-IAD, cache-lax-kwhp1940072-LAX, cache-iad-kiad7000158-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 12 Jan 2024 19:45:24 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=24919,owidth=1200,oheight=600,obytes=59871,ef=(1,13,17,23,30)
x-timer: S1705100297.747604,VS0,VE87
etag: "e91feb680a3bf67bcd46d7ccd8bc837e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 0

GET
H2 200 3O4RFOIHSBG2PBXQWS55QMTV3A.jpg%3Fauth%3D3013bebe76ed65e14ea153cd946def9467ce9eb281d90065ac1a165841c86ebb%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 23 KB
24 KB 97ms
96ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3O4RFOIHSBG2PBXQWS55QMTV3A.jpg%3Fauth%3D3013bebe76ed65e14ea153cd946def9467ce9eb281d90065ac1a165841c86ebb%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7cb3ea3206fe5d7b1f6081ff466c74757ba469a9d635d1ec742f09a0421087a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3O4RFOIHSBG2PBXQWS55QMTV3A.jpg%3Fauth%3D3013bebe76ed65e14ea153cd946def9467ce9eb281d90065ac1a165841c86ebb%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 210704
edge-cache-tag: 591537975104685991240517463783121531658,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591537975104685991240517463783121531658,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 161
expiration: expiry-date="Fri, 19 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.14news.com/
content-length: 23828
x-served-by: cache-iad-kiad7000021-IAD, cache-iad-kjyo7100035-IAD, cache-lga21943-LGA, cache-iad-kiad7000031-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 19 Dec 2023 13:11:19 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=33899,owidth=1200,oheight=600,obytes=85186,ef=(1,13,17,23,30)
x-timer: S1705100297.752966,VS0,VE90
etag: "cdc61517cac3242bf9368a7992eceaab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 17, 0

GET
H2 200 UXNFO2RSOJA2XAODUMZNTVUAUQ.JPG%3Fauth%3D2cdecea43171920718ba5f9494d8b36007071089343607f7e4f2ba345937e965%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 18 KB
19 KB 97ms
97ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/UXNFO2RSOJA2XAODUMZNTVUAUQ.JPG%3Fauth%3D2cdecea43171920718ba5f9494d8b36007071089343607f7e4f2ba345937e965%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a0b63791e2277cd2ee789b648b9a671c806db98d510c22576987ba1b2bbb8ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/UXNFO2RSOJA2XAODUMZNTVUAUQ.JPG%3Fauth%3D2cdecea43171920718ba5f9494d8b36007071089343607f7e4f2ba345937e965%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 362526
edge-cache-tag: 457288536390761775190909377537191910857,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 457288536390761775190909377537191910857,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 97
req-referer: https://www.14news.com/
content-length: 18906
x-request-id: ef4cfef42cc9699d9be388dd4aa49c35
x-served-by: cache-iad-kcgs7200140-IAD, cache-iad-kcgs7200177-IAD, cache-lax-kwhp1940113-LAX, cache-iad-kiad7000163-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 08 Jan 2024 17:29:56 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=36877,owidth=1200,oheight=600,obytes=53559,ef=(1,13,17,23,30)
x-timer: S1705100297.753172,VS0,VE90
etag: "2170b07469a5097d041f1c1068852cc6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 0

GET
H2 200 LM2EBZGTBNKUBBPS3CLYJTXXJI.jpg%3Fauth%3D46e450334fb228251512088904a1a094f40b5b2717d2c598f835cc730cd592a3%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 17 KB
18 KB 1105ms
1105ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/LM2EBZGTBNKUBBPS3CLYJTXXJI.jpg%3Fauth%3D46e450334fb228251512088904a1a094f40b5b2717d2c598f835cc730cd592a3%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1266b2f4d81bd518679a414e72dec16e4ac034d79db7f49a596e7163585b611d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1098
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/LM2EBZGTBNKUBBPS3CLYJTXXJI.jpg%3Fauth%3D46e450334fb228251512088904a1a094f40b5b2717d2c598f835cc730cd592a3%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 0
edge-cache-tag: 306995044407150682240987198071594140327,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306995044407150682240987198071594140327,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 942
req-referer: https://www.14news.com/
content-length: 16976
x-request-id: 2ecb3edfc7945e2ecbb4b6b1b98e753f
x-served-by: cache-iad-kcgs7200164-IAD, cache-iad-kjyo7100139-IAD, cache-lax-kwhp1940040-LAX, cache-iad-kjyo7100035-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 12 Jan 2024 21:39:53 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=41587,owidth=1200,oheight=600,obytes=42417,ef=(1,13,17,23,30)
x-timer: S1705100297.841976,VS0,VE1098
etag: "2b271978c5e4e9615a5827407db0f1fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 f0e578e117cc02990a077c6c92d40b26.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 9ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0e578e117cc02990a077c6c92d40b26.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af8364a15c1a9a4e1f19e6c322cd846ed364fdfcdfc11bbdafbde1643e44fa62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f0e578e117cc02990a077c6c92d40b26.jpeg
age: 730172
edge-cache-tag: 301431246531348803347100082810889694782,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 301431246531348803347100082810889694782,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 206
req-referer: https://herz-fuer-tiere.de/
content-length: 41142
x-request-id: c5f55218c85dd4b651c4f60f64c0a072
x-served-by: cache-iad-kcgs7200088-IAD, cache-iad-kiad7000118-IAD, cache-lax-kwhp1940048-LAX, cache-iad-kjyo7100021-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 03 Jan 2024 11:50:27 GMT
server: nginx
surrogate-reporting: width=1500,height=833,bytes=179977,owidth=1500,oheight=1000,obytes=750828,ef=(1,13,17,23,30)
x-timer: S1705100297.845028,VS0,VE3
etag: "0a7262e41d1cee37f11810fd91f9e3ea"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 37, 1

GET
H2 200 4f312b1665d62820f6a461cde930ee89.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 9ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f312b1665d62820f6a461cde930ee89.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 467b7f66c25d0d7a52a220a8b4db5404f17ae600331f77adbca2799799fed5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f312b1665d62820f6a461cde930ee89.jpg
age: 813563
edge-cache-tag: 494244598695465854741434300270198148595,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 494244598695465854741434300270198148595,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 234
req-referer: https://www.hogarmania.com/
content-length: 15290
x-request-id: c0da4cff10255e43c2f451708367acb2
x-served-by: cache-iad-kiad7000100-IAD, cache-iad-kcgs7200089-IAD, cache-lga21973-LGA, cache-iad-kiad7000039-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 03 Jan 2024 12:01:45 GMT
server: nginx
surrogate-reporting: width=1456,height=808,bytes=85298,owidth=1456,oheight=816,obytes=166108,ef=(1,13,17,23,30)
x-timer: S1705100297.851394,VS0,VE1
etag: "808545a31471b5921bae5bf917c55f2d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2, 2, 1

GET
H2 200 WMYPOBF6KRD5LPNPXCU636J3LE.JPG%3Fauth%3D6e72689040c9ad7afa667663de70257ae344cbb758104293c374ce496da91663%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 68 KB
69 KB 97ms
97ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/WMYPOBF6KRD5LPNPXCU636J3LE.JPG%3Fauth%3D6e72689040c9ad7afa667663de70257ae344cbb758104293c374ce496da91663%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e3dbcf954026adcc7c128a402c2ab0fbccdb17459cbbbca8897da1edbf3f449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/WMYPOBF6KRD5LPNPXCU636J3LE.JPG%3Fauth%3D6e72689040c9ad7afa667663de70257ae344cbb758104293c374ce496da91663%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 4318
edge-cache-tag: 526187702094942758894631729400510625865,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526187702094942758894631729400510625865,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 656
req-referer: https://www.14news.com/
content-length: 69364
x-request-id: bee13978ed47237f5a97bedab553ae34
x-served-by: cache-iad-kcgs7200129-IAD, cache-iad-kiad7000159-IAD, cache-lax-kwhp1940091-LAX, cache-iad-kiad7000136-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 12 Jan 2024 20:50:06 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=91981,owidth=1200,oheight=600,obytes=115196,ef=(1,13,17,23,30)
x-timer: S1705100297.851348,VS0,VE90
etag: "034b4fbc149dde89680856ea03d930da"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 0

GET
H2 200 J5WELN3U7RBZHN4ARLFVK354RU.jpg%3Fauth%3D222a0384a15dd395537b9bd3087375f121b51f32f9884186c14666353fb8b930%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 15 KB
15 KB 97ms
97ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/J5WELN3U7RBZHN4ARLFVK354RU.jpg%3Fauth%3D222a0384a15dd395537b9bd3087375f121b51f32f9884186c14666353fb8b930%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a8cb2a35b4a53a24d04769da86cd1c74eebfbb085f0e62fbb4806976a29a505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/J5WELN3U7RBZHN4ARLFVK354RU.jpg%3Fauth%3D222a0384a15dd395537b9bd3087375f121b51f32f9884186c14666353fb8b930%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1379539
edge-cache-tag: 401198527522191107092538224585108716936,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 401198527522191107092538224585108716936,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 251
req-referer: https://www.14news.com/
content-length: 14902
x-request-id: bdfc40ba4f0d789a5bd93716254b94f3
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kcgs7200173-IAD, cache-lax-kwhp1940100-LAX, cache-iad-kcgs7200080-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 27 Dec 2023 23:42:23 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=35259,owidth=1200,oheight=600,obytes=41818,ef=(1,13,17,23,30)
x-timer: S1705100297.855617,VS0,VE90
etag: "1fc276166372f49bc501a1a75db33dfa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 32, 0

GET
H2 204 pubs-generic
trc.taboola.com/graytv-14news/log/3/ 0
331 B 19ms
18ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/graytv-14news/log/3/pubs-generic?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=7ba3278bde3c52a3302b23d43717acf2&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22type%22%3A%22videoReel-pageload%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=23%3A58%3A16.622&id=1896&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 12
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7430
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
server: nginx
x-timer: S1705100297.859410,VS0,VE12
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 pubs-generic
trc.taboola.com/graytv-14news/log/3/ 0
66 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/graytv-14news/log/3/pubs-generic?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=7ba3278bde3c52a3302b23d43717acf2&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22type%22%3A%22videoReel-available%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=23%3A58%3A16.623&id=3045&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 12 Jan 2024 22:58:16 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7503
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
server: nginx
x-timer: S1705100297.878549,VS0,VE8
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/graytv-14news/trc/3/ 37 KB
11 KB 804ms
803ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-14news/trc/3/json?tim=23%3A58%3A16.625&route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&data=%7B%22id%22%3A787%2C%22ii%22%3A%22%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA%22%2C%22ui%22%3A%22fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987%22%2C%22uifp%22%3A%22fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987%22%2C%22lbt%22%3A1705089874811%2C%22vi%22%3A1705100295668%2C%22cv%22%3A%2220240111-22-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%7D%2C%22ar%22%3A%7B%22md%22%3A%222023-12-11T22%3A13%3A50.215Z%22%2C%22ti%22%3A%22Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say%22%2C%22th%22%3A%22https%3A%2F%2Fgray-wfie-prod.cdn.arcpublishing.com%2Fresizer%2Fv2%2FZNXXZHRIXJCIZAMTJISGOIPLOA.jpg%3Fauth%3Dbf760af48f96c114d3071166adeddbb45ea3344ba3baac6b8ebf950d652fff06%26width%3D1200%26height%3D600%26smart%3Dtrue%22%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F%22%2C%22vpi%22%3A%22%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6377%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A20%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20New%22%2C%22cd%22%3A1343.078125%2C%22mw%22%3A938%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10741297%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2CBelow%20Article%20Thumbnails%20New%3Dalternating-thumbnails-a%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2cebf2e07341ef88988be68ddee292052e3db75b0680fdc2416b8040daa85d3d

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 797
date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.3364583333333333
x-fastly-to-nlb-rtt: 7498
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220093-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1705100297.628981,VS0,VE797
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.14news.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 249ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/supply-feature?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2216%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A58%3A16.633&id=6545&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 502ms
21ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 21:24:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 22:58:17 GMT

GET
H2 200 spa-detector.20240111-22-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20240111-22-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd4a751b13052d875779496873ab59d9920fbb8fcbc597a2573a429d1c5c8037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: PzWEiJs4pCLjpsp5V6mXNzbyw43fEN6V
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:16 GMT
x-amz-request-id: HJH11D813M667KJW
age: 113792
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: ClZnHDk3NClVoxPEiJeciPcXNfPkDgnbqWeA6MJbdyAdbzsK+v2PkEMSFbp02tkoNpIsOajwdcE=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Thu, 11 Jan 2024 15:21:45 GMT
server: AmazonS3
x-timer: S1705100297.652146,VS0,VE0
etag: "f6557b7843570b62d09e015135264c70"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 86163

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/supply-feature?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A58%3A16.643&id=2672&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1705100296646%7D&tim=23%3A58%3A16.646&id=5376&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/supply-feature?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A58%3A16.647&id=4572&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1705100296648%7D&tim=23%3A58%3A16.648&id=2669&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 052D 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszUz85dH1G7ji-T6OfM6akHZv3otBV-LtmJ0NFNnC3AQzO0k4K32cdFfz_gUfoeV5i7KCuhE7wnaYBEW3xn888S3HNxgf2cXRpl9cmgqpN4-SRKytZ_ad1ESRTV730ezrizkk1I51k23AzHzdEIXZ02z95XQna7ccYKUAc3xR7YeyUrvZQOkdtcPoteATbYHQ5BPVptYF8mVASe7ZLe4MsF4HAd82xS0Cnp9AUzwRH_Bk_5m8av5Qo0zWxRQjVmQYUbFtnI4_XbnDS_otH-rIHnfsLd2F_HpShm-xQZD-twTsy3LHHRwoG2ndgGneqh9dE__1znxdBrbipMi2fpiO3VOuNgnxKUr-b2cfEFim3BHQo8OA0pxWA9UDu6Kc4lPszoQ&sai=AMfl-YT-sPN3e8xrSz05SR406o3e-rXfr_h9jx2z_LSxQI7tO7YgCO99nDkhj1vCp84GSdhYKYNFPG1jHRnUf-WaxQfquIhznF6mXwW-xlpjQt5xFLRW_4s1ojGA90PvyX2_5eFqhYfadtUif7_i_9vv2TAk&sig=Cg0ArKJSzHKS52zspTTlEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 052D 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 17:58:07 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 052D 205 KB
62 KB 465ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33412ba91028feec6a26b56c72f3ce03a24512785c25247447c2d1e81c8ff13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63127
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 23:32:56 GMT

GET
H2 200 8921906051701414803
tpc.googlesyndication.com/simgad/ Frame 052D 87 KB
87 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8921906051701414803

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f6b6487b374de4c5ace167de1183df866dfddef07289acd65eb3e9b36711e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 05:31:40 GMT
date: Fri, 12 Jan 2024 05:31:40 GMT
x-content-type-options: nosniff
age: 62796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89060
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 21:01:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 052D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 435513353a8242f38aaeaab41474da209cfc89cb0868d9d19eda800c7050680f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 221ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3040706438601181&vrg=202401040101&nw_id=63316753&nslots=4&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C676982961%2C21065724&pub_url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&qid=CLHVy8v52IMDFReQ_QcdPQMBxw&iu=%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana&e=0&ret=728x90&req=970x250%7C970x90%7C728x90&bm=0&efh=1&stk=0&ifi=4

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
2 KB 181ms
175ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=208401&tagid=1047981&crid=-1&noaop=5&sortOrderType=0&cb=1705100296915&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1588&pt=-1207192232&tz=60&viewable=true&ddast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=0&ctsldr=0&dtagid=3220885&dpubid=182887&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!video-reel_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.14news.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitRecoReelWidgetDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70628e5f4e459e1ac6e79fe6e63273193a92f07f8e7f1e75595aca6fa6d1603b

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1471
x-cache: MISS
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
server: nginx
x-timer: S1705100297.926554,VS0,VE168
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 194ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&cmcv=&pix=31589837&cb=1705100296911&uv=3373&tms=1705100296911&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!video-reel_vB&ft=0&unm=RECO_REEL_WIDGET&debug=pn:!sqg:!torgn:1705100293894.9!ts:1705100296911&mntl=1
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-length: 0
server: nginx

GET
H2 200 st
imprammp.taboola.com/ 0
101 B 16ms
15ms Image
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&cmcv=&pix=undefined&cb=1705100296911&uv=3373&tms=1705100296911&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!video-reel_vB&ft=0&unm=RECO_REEL_WIDGET&aure=false&agl=1&cirid=5306c73c-fd6d-4573-9496-7ca0540fa69c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish
server: nginx
x-timer: S1705100297.084391,VS0,VE9
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra-etou8220093-FRA

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22HipLostNoAdjacInFirstWF%22%2C%22type%22%3A%22HipLost%22%2C%22eventTime%22%3A1705100296914%7D&tim=23%3A58%3A16.914&id=9856&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 st Show response
imprammp.taboola.com/ Frame F487 439 B
386 B 19ms
19ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&cmcv=&pix=undefined&cb=1705100296922&uv=3373&tms=1705100296922&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!ufm!video-reel_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=ccef71ba-4f7a-4ca2-b680-b0897bc62a3b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e3eb9b59b8481a82782d22fcf3f375966c338a74c2eeeccbb32be0322c75998

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 12 Jan 2024 22:58:17 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220093-FRA
x-timer: S1705100297.117791,VS0,VE13

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 3ECB 439 B
524 B 32ms
21ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0e3eb9b59b8481a82782d22fcf3f375966c338a74c2eeeccbb32be0322c75998

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 12 Jan 2024 22:58:17 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 48ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&cmcv=&pix=31589837&cb=1705100296922&uv=3373&tms=1705100296922&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!ufm!video-reel_vB&ft=0&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1705100293894.9!ts:1705100296922&mntl=1
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-length: 0
server: nginx

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D61 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunGD7_rJEiL2UfTw9f63XrlYbMGT9G3gbKHqiYMYdpN_Ew1ECxqkYtffOrMR4JEUG93U-tTC5scPxCOdDnLSyke6zkdkNLX1kl0hv5GqvIvmDmMqQnJayiPWNf7db37X8LKFCTOJgAj65UJyJ-cvrBupiAvzcTWhVWiGEKFMeLlkhtBNeBYXI8b7wairLMVlipQGrkkeyB66U2fjGHxY7ZYpZMwTMzD7MPzB9WPU9VN8kJxnJ0IChR-QIgdpPgfWkOlrlTOPBCLiwFSsV5_Zewf_jk33ef4SaMRX2E5bWc3fGQNLyZG09mcRPHaXGZSVQt-6USnvb6Gm4evIBhOHME3nBdJ9fItC9eSyVGqv5UXBZHVTAeOUqJVzfP9unZiVvqWA&sai=AMfl-YSxmt0xr6uyoHLje-uIF66yQoEAHaAsl5V09o805pWvofc1wn638vOR8R25hRKwAS7cMYMMjXoRNRjWeptYSHp-IT4DajHHBjVlMDnOSZ37qyiLLjFylhUJ0IFycyOGpotyNcIQPYMhqyGWa2gGaQg&sig=Cg0ArKJSzDqgzb_eKj4fEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9D61 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 17:58:07 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D61 205 KB
65 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 22:58:16 GMT

GET
H2 200 13725370699138604877
tpc.googlesyndication.com/simgad/ Frame 9D61 128 KB
128 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13725370699138604877

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aa0c9b05371634133edb4e47dd8e0b88f86d99fcb2430560ec7ff0ef0ef1bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 05:28:24 GMT
date: Fri, 12 Jan 2024 05:28:24 GMT
x-content-type-options: nosniff
age: 62992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130782
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 21:01:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9D61 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b5ab9201e2eeea874bff3ed50f642aca2410167f6158a8d713717a33afb1458

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E541 0
766 B 15ms
15ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
an-x-request-uuid: dbe984ec-1d16-436a-a895-8d6f007af353
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5C74 0
764 B 16ms
15ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
an-x-request-uuid: 10eb9382-8181-4de5-97ed-03ad024c79a2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_7_3/assets/css/ 60 KB
8 KB 10ms
6ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_7_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitRecoReelWidgetDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-meta-mtime: 1704535352
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KVQD7FSG6JX32KJ3
age: 564874
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1704535353
x-amz-meta-mode: 33188
content-length: 7921
x-amz-id-2: HxHP/FszP+YO130iB0p+93Sf0PAqAfn2wvVk2tGfiC+gIQCVvAlHNa3L0g0/xDdMaAtx55iASd8=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Sat, 06 Jan 2024 10:02:34 GMT
server: AmazonS3-br
x-timer: S1705100297.128433,VS0,VE0
etag: "f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 535822

GET
H2 200 cmTagRECO_REEL_WIDGET.js Show response
vidstat.taboola.com/vpaid/units/33_7_3/infra/ 372 KB
85 KB 31ms
29ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagRECO_REEL_WIDGET.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitRecoReelWidgetDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0925efd0a454e86a5a504b66d15e286a02c6c7a4d5d165074d4876855cad1054

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-meta-mtime: 1704535317
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: NB77Y74BZK42ZAZ4
age: 564826
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1704535317
x-amz-meta-mode: 33188
content-length: 86794
x-amz-id-2: Jet6ftaz5O2wALP1X6NTTOkesZeVQthoB5uqbeUcvSBnedQ0ulkUeisDbjm3ooRKUlKBqSwkujY=
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Sat, 06 Jan 2024 10:01:58 GMT
server: AmazonS3-br
x-timer: S1705100297.174518,VS0,VE0
etag: "0168a1b2ce6ba26bb3062fbf8bdbaa7c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2587

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=f217b70390936ed2bd1bff890f03e4ef&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100295_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available-spa%22%2C%22eventTime%22%3A1705100297123%7D&tim=23%3A58%3A17.123&id=374&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D61 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsMhhHbPSS3VEn7yKw-ui0qJajHTfnpgBMeJeKi6xoNCCfYPetD2lMG9cJUNJvV-x3BLQB_3fUIh1J_EkalE5EBF75ULb75iJ2PX-P0FkVYuEWL8M7j1MxnciBLUVOLcEGYQsEr0XfH9XLTtFfMD7dUq6eAzzhtF7iuk2mE6sXdoC80A55h1mzrlrxgMcQkxNtF5mG2iZkQsbcVjp_Z68EnwbtKPHi-STq6aJdA74HNP3iB85jRRwxQamZANXmQ6d1L81y_yO-49svp4erXK6tVwwVaP8A_rIhe7uP2WLdkbCeCoRxOvNBKzsWjU22ACPQ2XvT4H0Z9kul7OVh3A8Uhjf3uj-GqzaFbtQAe8LjXWIDXhLqfAD9JB2WXj740VGDVQyG&sai=AMfl-YSU4rR1KxPg8hcziI2D2mofzjhcUU3Ocr0o642eUQqCCOhDwZx2cmYeR4NVut0mstV1pQ9acLzcFGxmJFy-3xBmozWsFsBw_Yu1IsECCsQ1pBTfvAWO3BlaRo9-pq8kdk16gPZiFZKeIb2OQnDqreg&sig=Cg0ArKJSzLo7h8RO9Ij2EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 22:58:17 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F487 70 B
148 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&cmcv=&pix=undefined&cb=1705100296922&uv=3373&tms=1705100296922&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!ufm!video-reel_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=ccef71ba-4f7a-4ca2-b680-b0897bc62a3b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame F487
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A

0
98 B

43ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&cmcv=&pix=undefined&cb=1705100296922&uv=3373&tms=1705100296922&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!ufm!video-reel_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=ccef71ba-4f7a-4ca2-b680-b0897bc62a3b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12870

Redirect headers

date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame F487 0
38 B 10ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&cmcv=&pix=undefined&cb=1705100296922&uv=3373&tms=1705100296922&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!ufm!video-reel_vB&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=ccef71ba-4f7a-4ca2-b680-b0897bc62a3b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3ECB 70 B
148 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 3ECB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A

0
98 B

43ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12870

Redirect headers

date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 3ECB 0
15 B 10ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8sAICLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYID-AMl4XDbfYuJwi2a-hVu0cVjWEttwsJYYhsvdxGObLDwTIyAZj8vmW0wcbtHMt3CLNg7LWmIbDtYSw3C5m3hsk4VnYgUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisB8DI9fuL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GPKy9fW7H30hRKRAtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vmZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-5QIy-z3HRSU09NjdhlERdfbYnc4zZ6DnOU7iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCTwQBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiIY8xh3u5HH5tbsZrO1aORxuSXO1WStWs42K5Nzudw4l2vR62P6OCem5XC3RYIBUnuRPC3SiW7i8Ex2w4nJ5dm4JgvPZjCZWDYj02a32C08NstELNGcLNKJ7LJvrRYW22owWC1nxpXLMxkOdyuHaWUx-QajhW058dc8xt1u5LG5NbvZbC0aeVxuiXM1WauWs83K5FwuN87lWvT6mD7OiWk53O0bu8FqMRhMlqt9YzdYLQaDyXK179AZvqvP2eg7nNMeodQb2_6FNqdB4TJYvD-JaTHtzg6ik-_olDk8yoLO6Pf7_X6_3-_3-_0GredgNih8w77LM4yJZLZsbmwQGwyKWCK4SCc6y8N5ur0Vo7nL97mIJUrTRTrRSwaTzV4x2SsWe4nDbHZ-3mK_5-V5SxaTrVvjt3tOl9fH9PTb3ZqPw-0W_M1Oj8uteTgvYongdJFORC_j6aL-I4fYDOeK5XKuGc4Vm8kqAQAAAAAAAABYgmmmmwAAAAA4GcRwMhzu1ulgFpvRaLNaLgCLq1BdP6KBgfgMyqO7LoTmlQsV7aaKNfZYw1keztPtrRjNXb7PlQEAFBwy2-wzglir1bIGAAAggA0AACCAm268CSCL4v7____HAQAAkJFDDwAAgH4fkA4XSr3wIxe_glgsBqP9A1Ah1mq1ut1Yq9UKSBC7xWQC_____wkCAAAAAACsgBUEAAAAAADAeQE!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 052D 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuArDuFVaWJcX0FDfIflTXHSyF0jxezxVJSmENOz3nDqAPQ1XUMIzUWC_L74CkoJraM8uJPqRbATcrIhsELh1Rnca7InGzf_FLzc2w_YNE21UO2hN18yCwVBDc6EIy1Ff7R55VAj2tmoE9glHZG4fAH-PUAWukUO28InXidfUmMgYda6oY-8i3aePo3iB4FiS7Q81swoCXXD-blBKWmi0Wc47xtjKZpCy69q2bHOZDYzcGQIx60NFv3OZDQ28kpkF-W21KOPH-oX-yFHd8yY2qkb9ySoi024RDB2LzMoAMgEltWKwYp84iiAxtVxN-ftD4MHIe5RJdyL_ZCWwfwLzzskL4a13vRrGHD-irqACT2AhGnB9_-HZtr3r11mIoqZYJjbkaL&sai=AMfl-YQ3ATNdcW8gyXYDGL_utGlZdxIod5h204aiz33Jvs_HC_j8a0Uog19nA9ZODFV0q2taQQyyw1wQBd0jNIv4cAtnt2axQC11pl8BITUIY2VtnSdMvautWLLciolRx5SnUEa0ur_gmhjfEJA4-Xqi5RlP&sig=Cg0ArKJSzOOCdoxDEFwKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 22:58:17 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.8/ 429 KB
81 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagRECO_REEL_WIDGET.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: fbd9397e250004ffe02f1429439158659e46f8f0523838525b8fe0877ece2b07

Request headers

Referer: https://www.14news.com/
Origin: https://www.14news.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-meta-mtime: 1704708060
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 19HZNGSXYBZ9B61G
age: 392192
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1704708072
x-amz-meta-mode: 33188
content-length: 82299
x-amz-id-2: QwcxwVjlpKuVVoVss0JKFpF4vnbQ8tSA8XsKfC3vawfZ4Gybr25iWQP/Oga2ZDsYNKRjeKG12sQ=
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Mon, 08 Jan 2024 10:01:13 GMT
server: AmazonS3-br
x-timer: S1705100297.240167,VS0,VE0
etag: "bf8296a4292ff2e1718afad7d768aed4"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 386632

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 168F 439 B
524 B 17ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagRECO_REEL_WIDGET.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0e3eb9b59b8481a82782d22fcf3f375966c338a74c2eeeccbb32be0322c75998

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 12 Jan 2024 22:58:17 GMT
machineid: 3407
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 13ms
6ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.14news.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 2530033
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-etou8220093-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1705100297.255638,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 1385343

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 168F 70 B
148 B 31ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 168F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A

0
98 B

13ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17394

Redirect headers

date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-yNstoFZE2oRQ4FnJs_9lcNUpMBUFxHVCIUXF5A--~A
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 168F 0
15 B 9ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 container.html Show response
51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6682 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 22:58:16 GMT
expires: Sat, 11 Jan 2025 22:58:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0945 624 B
689 B 70ms
48ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNVoVQ9puWQkCwfX0Ef21ZZ1tAiMjkEPtN2X7kinOMYVPwOWNLAGALoFCDe6uMvW6UDZI_yRhgp5RoHI1c1GiXpL_qBLRjGyOB63Gw36AVvG16d63-ELCONBaLWp4qrA30cE38EVL-wqIOt9ex6ol8o6wzGSRG7dR6RPFK2CxgzgMyDzcNI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 22:58:17 GMT
expires: Fri, 12 Jan 2024 22:58:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9B40 89 KB
31 KB 73ms
70ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 22:58:17 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 9B40
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77746728/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015387910&ias_pubId=pub-0883126725773026&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
480 B

12ms
12ms

Image
image/gif

2600:9000:20ab:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
URL: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:20ab:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2784514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Dz7UlNfPN44uYlt87XxtCtL5LLsy5W3rgnv8cqFaspm3BDYmxnooCA==

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9B40 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 17:58:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9B40 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B40 205 KB
65 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 22:58:17 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B40 42 B
110 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aqj-nxvfKVO0d3MoTaZrmqvmaOTR0QqYJ90FifWkhrp_l0WOfg3Nm8Qo4hJeKJx7P8aHBjCgD9Pf2oDLWFdDOZY4ccZpyGC2w8497LTVu9ELyHKtw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77B9 42 B
64 B 58ms
44ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEE9mxBGSNfIVX7B8YW7rb_ZABjUeUwuEv9cq55gcYHgMa1w1oUDd4FDnMWjnwdS8hSDIWFA8DN0IJxjyT2oBRPytobofzmC2KazzTfqHFKTdg5NPVDPgsfZZ9E6p-_4poSusoP0sdsc3qBn8zM1mY0Q&sig=Cg0ArKJSzAGlvp1nT3C1EAE&id=lidar2&mcvt=1001&p=229,436,319,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1538325675&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100296265&rpt=102&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B40 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7557412229830&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B40 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7557412229830&version=m202309260101&ct=76&x=1&cor=17700425428629393000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9B40 93 KB
39 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOL5PhJ91nmJ0SEO2-iKggKdX-6lrph7BKGQ1oI1eM4dpcsp03DtUfwr3FUDePpPoJliTIqfs-1Oy1h2_3NrhI11bOVZZB9gtyA_-ZtCuZGGsJ-uXK1FYpZjX_-2aaj2dxiqOYhTxXTvgjIzSz0n-5UK-31g-CwA32n71f-wB68pG5lu0&dbm_d=AKAmf-BgAYpywMzmxPzFlaM8KOcoA24KNnqoXIMFCbMqVTwIWqedlDgrvfS5DK9c6J-3tNPBDWr20xXcudqhmm475HwXEbeHIn82u2Dm7UHnvZB9XVj15WeTW1qaU3J0EVKT3206hKlkMpEO7hFJZuyUqFKmOoagzAp12QaLdRHsUGS4M0Hxldly3gOoFj6XPIJ7hKKgLi1IDQ-nAHuSfNmkrKSpwteh2i2yEt3sksEhjGb6InAvgZvpnh2tXXmW34AqHXqSZRkDPpSdgm-POlzB6mKfulQsjUN3nBSS9qQT0kVH4oOz1A6wvOVbmT4RauNHe705E5uHOMLEgxWjOAqg2F0ag2mlabj98U4cd354PRwtQ8I1-kAVF5z5-EcLjfNThTVK3fmA_Fu58gbaRTVGh_LjfZ8HY8HCrDiF4iENny7nKpf5JtDKqs4I1_FawzuhO0o8FR3T6cCoPd4rnQQPHRCluh_qKnas2ij0X9EQefu8QZujI5Vb5jCwjXNTKv_KLA7vJetKVOhKPJl8evTbiII2dKeMrDyjDp_98J-xV2ms5MsyDh_6Q8v8fBiWAT2eNbnei8mfoC1GAmo-a2mqKQnEqtIZWONXu3YnAw2MTVRseWi6aLVG1hvfkVlwJtfhg-blkmdgWigU6PhVdFDIaAUhBIyXKoU5Q2XA9ZmobIBHcf9Gfl5XFYfcZ69u5td-z5y-r2zyX2EQMeE9ZkxqKCOD1cMbKVkYtTqV1y1l1mXjidWFCYnNc-DlSI4pwKxmgIpSRZh8gHbi4EYjkF0BGhRM9ZR0b8i7P82HENwrCuiN4_rY61W1yxN2HP087DHXHL01InJVRhWEzK8d4xUYrfeIf49jQPWujqAh5RT3r4Fb4JVIdgBb7VU6a2kQk9W_MShvpH6JIkXeV6_qGP3ZMQFe3SsHIrnVUXujSfR_JGNta3uRe2wBr2acVMVDLnzJyg6J1CevZPFX0me2fY2h6ELqtGVGr2sonnd6qEsaph5EcVg4VZba1b8d3HDfqjCoWVcIjRU6eLp6An7mxAiCBTrK0OSpTkOLM89uSoxrJf4iBnuYmTvh-75KjC1evtawlIkRiJBWaFGNhoAptZXci0nk7V54hj1F8GVB11BG63XFbq2LkK6MLqJs3Jr8pZmhGPVGGNVPreV8-Nr7WPO8UurflIlT-jJ6Fs9_1VvxS4ooGRQL1GME0FV8CHt0_VeWPz1vY7zM3ls2-9m1OUpOAHT0TE1rp9B7fFQIaTU7k8a4N1Te1FtE3YAd5ZwwlK13SbgnBq6Qka5V2NpJ5lqfXlIve_bVbpTbU_yY_7zLrMvKQdaHkOuZ3jr3xk-StKW-KvQZ2ptlemm_QaL7-gcYFXNuya-M3-6rgRyDM-r0cFsqExgPq4ZzArEakLT-7PJJSqbj4asz7-yvk3mZQ8MbuF8mAd0VfHAmLgniHwB8Q70TTRWxCUjhGy-Vl-d-7q44FJSC1zFl-W7oH_RxCe4zEaO0AQJYs2CdCEh2KXUtUe_6iWWOemoD6wKsD499gyvhiengUULJebqcK00jtgCTb8dQM4kz0V_wqM8xJadxsWb6D6Rr9enyqtCvSPOqi5PlA8Z_leGZl_19JXWBrIsZoqMQUxklXpkspVgOfKMKVP_cfNaBuEB1KmG2mjRA1T0HOKnk365lOK13-7uhW30ov8gyW2Rqw3OmN9phKlJoG0yf5twCTRv9wORYdE3W7KHWq_cqOMqiKGgNE0VlE5vTbERh-PHdTF8VhVo0FZEL95doxw0auhao8gZlnr1BK44K4B5j9DDgKb2ZxZIqIC4_2oGA_kNxQN74h9ZrwxfN0IyVxmfa3exNOoyvfJlUmlia050bJzQwXK6AWgMWfx2jZK_V43JMjAzgmynXYClJ7hKs__OAzadJfN0af5jPaXbjz639Hf05pJy1qDD2WRUTWZAQHpuzqfLGeKHMgWCYaUJBMAlMf7_FHJTipX64PjViREgmKbj9GL8FCfg1mCEvsNsghSo2znAXTfv_l3ZEaFFlwNPIssjP_lwbxh_cz8zcFdSb-ByjxwsMTgvxIWV2G7BeKB7RIwyDBgYAUmK_6QnhZC_shV2cqqcQGmGQ3yJko828Upgh6kc-JP5vMFpdl3z9uJKNHTbU1htba9ti81C9--ZwFM_8m9aN5vnfGvJcxg4IChANrfhjphx73gCL1twAbnKi4tvkpY-drRULCZUhPhH0Ws523Nd5O8zbN3WBOdafMj8lrhRAreN0KxZcN5GPCszhM9sTlwKc3N_Uj6D7-VMM3iEfM2FUyekOo3S5bbE5ohQFJ0iZ-vLZXCFOy5g4cvNwi1hBGE18Npq_9a5gIZ3DsTyU5u-GGYHesygI7MA4WqwY07NTqOJJkcB9rHYBitSgM6TeLX_YF11Ur5g-98xvJcMrVUunCvduEqr8HKOj0IXBr2o4_yMYqz58Zn0lGlEVHPFUh9nrjWhRv3KitTpDH4zOKCojGHwtnHvUu_5wn_cbRtzJFAqK9MleelKM4i0KWp4CEPtMJXK2yx9Qtw-X_ylKM4FCDfnGbCfqlUfaLLCBE3NGTT9XLNSrN4lBOwjL_pTEj08VTcaWlc61XGl_JDWLq_xHfLWDAQ8Ao81zcQNUMmItt0cXp2a-hsWpYxi4PHaiAK_kQCQbwnbC1fe4pYURf_OKDx1UQTVEIQ7qayhR0fo6Ci7Y3m0_zBtH1jp_NlXhYvpIn7Ze7DVkO3tRPcMb05iJreTnXO89ugDelQ0tDQKPj9lXIIljSOd9Z_-rEvJnnVfjJEQLtTjX2v1m--nlWu5CqeaH6BnZqiWxydB3HL_aVkntQqIs_po4r6nbld2y4r75yf0AN_usF3FtZHDqlY4OVlmr2iInnByKRpTavmzcah9btoYU_jIrC9ZU4jBJao68SG8jN-OdLxI0flvmM02wu7V10VJUVDvk6X1UDpes1Tnzia5hRshOKRRErg_YDCU5Cn9YUQ7vf_aMIISWi1_gfSy8qOf75lqs0sag8KP-yK86CvxCoi1YLjIwz3XoIN77CYTO9CIuz5doBFskQyWS_NQpA4Melqkz3PuJCimCcP6jVJjwAuqZN2PafCCkO55MuHZWjFFBnZ543D9AxEhJwKOlXWouFS2aMjlxTreCr9u27CCNbfzdqtZLKvEA616IdeCWWTHjwnjrAYBl6cFogbk9XlEZc7aMP86RwLlr-nAlHniwIub1Paj0DKEePdDr0_STfzKKA2E-CW48mpo7pdbx6dU5bNusPvl5SlLCD8YdGUCKaZg7vHVG1vmSZIAk3KH2zPdbINqx3weigjDEZukNmiPYFgiiLkGLUjRyCUrC__Qfx-hYWtOscjVRJyxDcpR429D6-mkCTiFzqRJ3IcZ6zZXPBUE6qyeNkkS5YDKwHgfmkofgQbEnD531O3jAVd3Bi60BIZcVSizvoMCUYPCnttwFfzWbbcUGxvCgIkHDkwXcnOViYPxcBTCq4J-L542AEsko8LwG_3ADMbTl_DFzpL_NbnxMZ7X73YP5igItPjgHwhFO4Hl_S3cZSkuNmusjqq-rJHuLpUlPGLrMIRIIBu2yIB_cIv092Bh7R873JxTwtCYHDZD_dNIspBIkvSI35o2Ao67ofbF1EHFlRD_qT1D2uRqSsZuHVd5zTGAUvqn0twapo60eWCb24X_RYfsgBw4G2X9VYbA1QitAsJVKxjKSn4TC8WUKSFAzef_NVY6kLbjjjcTvTKbpZs2pCig7bqMv0W-TVP1vIcBAdBJDT4NfLQrqvaKSE0vKK1cKdUqeEN5iVVwQQoN_A1hlKw58aIda_Q-6hKwW_6N1OkMnR5u_idoqRicYez72Lbg8sk-OUp5WW7Wipls91VL9m03qYnyhkEu67PFRaaAT1FGrco6TPPWfMbdoV5LEythYEkUxtXMybD0wajtc8tXTWOXeZkPytc7cVn0LH8vmI1uosROCC6C65-7B&cid=CAQSTgAvHhf_lkHrgfUobPwpDFtLYZasvfRoILKo1Wxt1-y6D2_n8NXroYs7A4MH6cv9JxYLnjYKJ4khDm-FPsoBEHjXd-kzLxk5IQONyOTAWRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.14news.com%2F&ds=l&xdt=1&iif=1&cor=17700425428629393000&adk=388007312&idt=78&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

708906c5154863a417e3397dbaeab1c3e9d819c2561399d6e914728047a78722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 071ab26f-7129-4e9b-ad2d-e18a9143f72d
boadedshedisite.com/impression/ 0
1 KB 139ms
21ms Image
text/plain 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boadedshedisite.com/impression/071ab26f-7129-4e9b-ad2d-e18a9143f72d?site=graytv-14news&site_id=1464225&title=%24%7Bcity%3Acapitalized%7D%24%3A+Verlassene+H%C3%A4user+zum+Verkauf+zu+unglaublichen+Preisen&platform=Desktop&campaign_id=31867879&campaign_item_id=3884306973&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F32dbb5d53d34c0edd2b7f06a959db4b8.jpeg&click_id=GiDxeIiIcqb01rn40rvfpn4VtchItxfvMwFJDZZePMvfoCCL0mMolZ2G45X3u-CeAQ
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
cache-control: no-store, no-cache, pre-check=0, post-check=0
x-amz-cf-id: 5MbPWjNNg1If3DHOQ1651EJjm9ggAQvwd0nUbYDQExfrd8wjxiuIIg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/graytv-14news/log/3/ 0
230 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/graytv-14news/log/3/abtests?route=AM:AM:V&tvi2=13529&tvi48=10638&tvi50=11104&lti=deflated&ri=5aff03a273fa83445ca98c06fd22eb32&sd=v2_55ab650059f8ee32887ea4ebd704a69b_fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987_1705100295_1705100296_CNawjgYQoa9ZGPT7lv_PMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo0_Kg0LHL-6nXAXAA&ui=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&pi=/2023/12/11/ballys-loses-212k-construction-scam-police-say&wi=1676170062484633171&pt=text&vi=1705100295668&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1705100297457%7D&tim=23%3A58%3A17.457&id=1820&llvl=2&cv=20240111-22-RELEASE&
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 144a1ce325fc63c2f930c9ee573283bd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
11 KB 9ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8c1cd30b8d688d8c55a18a8c18a83e91872d8ef631c9c8cb467bd099238fcf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
age: 2642041
edge-cache-tag: 604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 94
expiration: expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://roma.corriere.it/
content-length: 10526
x-served-by: cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100107-IAD, cache-iad-kcgs7200151-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 20 Sep 2023 10:29:40 GMT
server: nginx
surrogate-reporting: width=624,height=346,bytes=23956,owidth=624,oheight=608,obytes=250856
x-timer: S1705100297.465717,VS0,VE1
etag: "40dc5e530fca754c56989c4f8cb5828c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6, 1

GET
H2 200 32dbb5d53d34c0edd2b7f06a959db4b8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
51 KB 10ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32dbb5d53d34c0edd2b7f06a959db4b8.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d6eefc305cf3e7a6b7281a71f3fafdecb4a2b4ae8fd308e4b658b3769bfa2ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32dbb5d53d34c0edd2b7f06a959db4b8.jpeg
age: 4086727
edge-cache-tag: 476980585283032880168901924511576965013,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 476980585283032880168901924511576965013,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 78
expiration: expiry-date="Thu, 14 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.karlsruhe-insider.de/
content-length: 51586
x-served-by: cache-iad-kjyo7100037-IAD, cache-iad-kiad7000094-IAD, cache-lga21925-LGA, cache-iad-kjyo7100126-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 13 Nov 2023 23:39:42 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=61532,owidth=2121,oheight=1414,obytes=3145153
x-timer: S1705100297.465760,VS0,VE1
etag: "0ee49ebfa843beac6bd7f85ab71f0dcf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 19, 1

GET
H2 200 fe748cd269d677aacce462932841ff6b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 10ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe748cd269d677aacce462932841ff6b.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf7253052e96c913ab49ad85d0717651b20cd4e2279faccb05afaef2ff3b8103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe748cd269d677aacce462932841ff6b.jpg
age: 2544839
edge-cache-tag: 436596240374416533488507245962512046378,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436596240374416533488507245962512046378,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 62
expiration: expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://games.espn.com/
content-length: 24634
x-served-by: cache-iad-kjyo7100130-IAD, cache-iad-kjyo7100130-IAD, cache-sna10732-LGB, cache-iad-kcgs7200123-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 18 Aug 2023 07:40:52 GMT
server: nginx
surrogate-reporting: width=727,height=404,owidth=727,oheight=483,obytes=54002
x-timer: S1705100297.465688,VS0,VE1
etag: "78ef9d1c9c2a55e3862e510246433c2d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 54, 1, 16, 1

GET
H2 200 987788ad31804821e3d8a38fa0ef8f41.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 12ms
11ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/987788ad31804821e3d8a38fa0ef8f41.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 93cd81c46cbd4bfe6f4719e75bdce456bdce53bf66078c7b9f024da7288fc669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/987788ad31804821e3d8a38fa0ef8f41.png
age: 661423
edge-cache-tag: 356019614756211291261430923255582846094,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356019614756211291261430923255582846094,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 531
req-referer: https://www.express.de/
content-length: 6466
x-request-id: 5e87dcd7ce94e30ec1573cabc3fa7b27
x-served-by: cache-iad-kjyo7100153-IAD, cache-iad-kcgs7200162-IAD, cache-lga21924-LGA, cache-iad-kjyo7100071-IAD, cache-fra-etou8220093-FRA
last-modified: Thu, 21 Dec 2023 13:53:13 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=9596,owidth=2000,oheight=1865,obytes=1422732,ef=(1,13,17,23,30)
x-timer: S1705100297.465975,VS0,VE1
etag: "4e051776f13d36b091ca33d10eb38627"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 aa262759-63bd-4d73-a377-9897a4f0a110__7cCgnkRE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 10 KB
11 KB 13ms
12ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/aa262759-63bd-4d73-a377-9897a4f0a110__7cCgnkRE.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c8c769ca87ba4559c3189c1c8f767dac7ad794de3ae8ce20067c16e7c6d5baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/aa262759-63bd-4d73-a377-9897a4f0a110__7cCgnkRE.jpg
age: 4626618
edge-cache-tag: 585041585198725168799339815867582004508,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 585041585198725168799339815867582004508,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 539
expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kicker.de/
content-length: 9872
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kcgs7200057-IAD, cache-sna10747-LGB, cache-iad-kiad7000093-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 02 Oct 2023 02:44:26 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15077,owidth=2133,oheight=1200,obytes=187889
x-timer: S1705100297.465962,VS0,VE1
etag: "068e31b1f02131dc171d8f6909ba3118"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 0, 1

GET
H2 200 b7d8d7462260ca7d9266f411b96af33e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 13ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7d8d7462260ca7d9266f411b96af33e.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c9abb026dcec6d00f1e449a2facd19e45d055fa45ebd158aa3d17631704656f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7d8d7462260ca7d9266f411b96af33e.png
age: 3808185
edge-cache-tag: 440116774537927708538806306242409196661,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 440116774537927708538806306242409196661,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 140
req-referer: https://d-37558069264194323661.ampproject.net/
content-length: 11748
x-request-id: 45ab346ab114ff39de79953477007b5a
x-served-by: cache-iad-kiad7000157-IAD, cache-iad-kiad7000176-IAD, cache-iad-kiad7000171-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 12 Sep 2023 21:10:25 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=38331,owidth=1000,oheight=600,obytes=1112613
x-timer: S1705100297.480445,VS0,VE1
etag: "7de9065f62dc741fb834764f8beb68bc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1127, 1

GET
H2 200 8d2c1565da118c6aa8a90f4a4ea61f67.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 10ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d2c1565da118c6aa8a90f4a4ea61f67.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf0ae7fb4f8ccb38d3665915d6506e6cba5aaba33862fff92c2603426c407a79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d2c1565da118c6aa8a90f4a4ea61f67.png
age: 2160169
edge-cache-tag: 405343451816730547632518406737398826841,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 405343451816730547632518406737398826841,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 216
req-referer: https://d-35918869402638490432.ampproject.net/
content-length: 19654
x-request-id: 13ff0e46dd9f3486d421fe11caf70e53
x-served-by: cache-iad-kiad7000156-IAD, cache-iad-kcgs7200085-IAD, cache-lga21983-LGA, cache-iad-kcgs7200160-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 13 Dec 2023 12:19:46 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=57194,owidth=1000,oheight=600,obytes=1345292,ef=(1,13,17,23,30)
x-timer: S1705100297.480697,VS0,VE1
etag: "7793e8f65fec845322c47f9d63874e5b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1283, 1

GET
H2 200 3SLLP4MLH5EI7FZGXQHHYIMFKE.JPG%3Fauth%3Ded252ff70547e8d241be405cd369a94db530e88c4c9497a85ddac198c68e4e22%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 13 KB
14 KB 95ms
94ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3SLLP4MLH5EI7FZGXQHHYIMFKE.JPG%3Fauth%3Ded252ff70547e8d241be405cd369a94db530e88c4c9497a85ddac198c68e4e22%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f785107fc4d43250eca27c1062ba15fe41fd228d06b1fa93fe704aa936826d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3SLLP4MLH5EI7FZGXQHHYIMFKE.JPG%3Fauth%3Ded252ff70547e8d241be405cd369a94db530e88c4c9497a85ddac198c68e4e22%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 10964
edge-cache-tag: 394951746937266919051529415495156705073,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 394951746937266919051529415495156705073,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 625
req-referer: https://www.14news.com/
content-length: 13642
x-request-id: b2e73053462badfcb2c238e58c1b20c6
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kiad7000130-IAD, cache-lga21923-LGA, cache-iad-kjyo7100043-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 12 Jan 2024 19:45:24 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=20005,owidth=1200,oheight=600,obytes=59871,ef=(1,13,17,23,30)
x-timer: S1705100297.481091,VS0,VE87
etag: "40e060a76cb0f3f8ae4e0c7f56d375e2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 22, 0

GET
H2 200 SNC5TRSMNJCR5MJMOOEMS4Z5HA.png%3Fauth%3D5c909550661684fef4396a336553831a35af1fe0d3cce274879cf4e23a24675a%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 7 KB
8 KB 110ms
110ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/SNC5TRSMNJCR5MJMOOEMS4Z5HA.png%3Fauth%3D5c909550661684fef4396a336553831a35af1fe0d3cce274879cf4e23a24675a%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d9c0d41fcbf06a5409e7643a36c128d351ea1e3e11ffa94d68cb177c4c6cbd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 102
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/SNC5TRSMNJCR5MJMOOEMS4Z5HA.png%3Fauth%3D5c909550661684fef4396a336553831a35af1fe0d3cce274879cf4e23a24675a%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 220620
edge-cache-tag: 349993179135800272566579204324467017938,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349993179135800272566579204324467017938,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 238
req-referer: https://d-28643085592500321.ampproject.net/
content-length: 7422
x-request-id: f0365eb57939da5ecc8657a03aa11aff
x-served-by: cache-iad-kjyo7100020-IAD, cache-iad-kiad7000162-IAD, cache-lax-kwhp1940071-LAX, cache-iad-kcgs7200095-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 22 Dec 2023 18:22:29 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=12471,owidth=1200,oheight=600,obytes=41265,ef=(1,13,17,23,30)
x-timer: S1705100297.481084,VS0,VE102
etag: "9ad52ec091924f27ec8a786e7ec472dc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 20, 0

GET
H2 200 523daeb97bcd946c132de9e5009ab046.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 9ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/523daeb97bcd946c132de9e5009ab046.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c126831cd4a8844d580f97f9d7714e175fd8a1f7e484c29fd1479921dcf2a808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/523daeb97bcd946c132de9e5009ab046.png
age: 1480653
edge-cache-tag: 345201184512248954753396511341300579882,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 345201184512248954753396511341300579882,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 817
req-referer: https://actu.fr/
content-length: 13416
x-request-id: 7828dc9fd7d5660d6f5822e80f921f1f
x-served-by: cache-iad-kjyo7100042-IAD, cache-iad-kcgs7200039-IAD, cache-lga21957-LGA, cache-iad-kiad7000060-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 26 Dec 2023 18:10:59 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=20034,owidth=1344,oheight=896,obytes=1790822,ef=(1,13,17,23,30)
x-timer: S1705100297.481033,VS0,VE1
etag: "7c678364e81e6e06e5b418b6cddcaefe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 6, 1

GET
H2 200 4b5dd95f3b72b04bae11d1464cd64d8c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 12ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b5dd95f3b72b04bae11d1464cd64d8c.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e671a23d261e09556825dabab0e054ffc7e62de9ea7f3f1f40761dff71a8fe30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b5dd95f3b72b04bae11d1464cd64d8c.jpg
age: 2452274
edge-cache-tag: 528812142854078461337812902618418654235,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 528812142854078461337812902618418654235,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 177
req-referer: https://apnews.com/
content-length: 16590
x-request-id: 3ed9aef98f49964c76284331e64206f4
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kcgs7200047-IAD, cache-lax-kwhp1940034-LAX, cache-iad-kcgs7200073-IAD, cache-fra-etou8220093-FRA
last-modified: Thu, 23 Nov 2023 12:46:01 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=22812,owidth=1000,oheight=700,obytes=178642
x-timer: S1705100297.492240,VS0,VE2
etag: "6cca214cc51bfd5de9ed1a43b0636550"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 daf466f934189032591a689c36ad0653.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 10ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/daf466f934189032591a689c36ad0653.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b1763c93380bd1ab1ddc6ff17ab699c59a31190a7f4585f482b4278372b02c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/daf466f934189032591a689c36ad0653.png
age: 5136530
edge-cache-tag: 316191149026152851344617022257428949470,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 316191149026152851344617022257428949470,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 462
req-referer: https://haifantasy.com/
content-length: 9250
x-request-id: d148f001d4ee6b4e1a7298f53bedca45
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kcgs7200063-IAD, cache-sna10723-LGB, cache-iad-kiad7000126-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 15 Sep 2023 15:47:08 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15256,owidth=1000,oheight=600,obytes=719554
x-timer: S1705100297.492367,VS0,VE1
etag: "08c67cebd435ee6f6092bd435f0a6dac"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2703, 1

GET
H2 200 7c16ac96d2a17ea07cbe1c098abc9356.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 7ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c16ac96d2a17ea07cbe1c098abc9356.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aa9c33528205144f5140a9725b403db7fac0d856a9f2bb52d9770cfda89fbc26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c16ac96d2a17ea07cbe1c098abc9356.png
age: 3432295
edge-cache-tag: 509214263943832895467070368829831305141,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 509214263943832895467070368829831305141,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 144
expiration: expiry-date="Sat, 23 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://tw.nextapple.com/
content-length: 16880
x-served-by: cache-iad-kcgs7200043-IAD, cache-iad-kjyo7100025-IAD, cache-lga21963-LGA, cache-iad-kcgs7200091-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 22 Nov 2023 12:22:04 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=47795,owidth=1000,oheight=600,obytes=740035
x-timer: S1705100297.492393,VS0,VE0
etag: "918375184e2b8d98f29aae8487e44be2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 616, 8

GET
H2 200 12dbedfb2ad5ed9f6fdad03567058d94.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 8ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12dbedfb2ad5ed9f6fdad03567058d94.jpg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c30294b9ed135300cc522b9e1ca129bde1bc00706bca88b77305df9ff52daa5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12dbedfb2ad5ed9f6fdad03567058d94.jpg
age: 3656617
edge-cache-tag: 425218526734943811588898177933740358873,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag: 425218526734943811588898177933740358873,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 58
req-referer: https://www.iodonna.it/
content-length: 13688
x-request-id: d8e433002cb81fabead02157cfd8a73d
x-served-by: cache-iad-kjyo7100055-IAD, cache-iad-kiad7000077-IAD, cache-iad-kcgs7200061-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 26 Sep 2023 23:11:06 GMT
server: nginx
surrogate-reporting: width=560,height=312,bytes=20538,owidth=2258,oheight=1314,obytes=382725
x-timer: S1705100298.502955,VS0,VE1
etag: "a08e6e969f3045cd9c50b6a5f527dfd4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 31, 1

GET
H2 200 e470290cc22bccbbe33ad788c61a892c.jpeg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_215,y_127/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 10ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_215,y_127/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e470290cc22bccbbe33ad788c61a892c.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 26c376469434b7afbf788342b6b01a95022cab140fbde901c64c2c7ecd0d36a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_215,y_127/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e470290cc22bccbbe33ad788c61a892c.jpeg
age: 164581
edge-cache-tag: 575988697728185069096841025281777603204,331718200967786314842521981618413127799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 575988697728185069096841025281777603204,331718200967786314842521981618413127799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 966
req-referer: https://www.wbrc.com/story/33784360/alabama-toddler-targeted-in-cruel-internet-meme/
content-length: 4436
x-request-id: e94a5054e24d799c72b87fd7814ed32a
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kcgs7200046-IAD, cache-lga21955-LGA, cache-iad-kcgs7200088-IAD, cache-fra-etou8220093-FRA
last-modified: Wed, 10 Jan 2024 13:41:25 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=45558,owidth=1500,oheight=1000,obytes=773103,ef=(1,17,23,30)
x-timer: S1705100298.503171,VS0,VE1
etag: "ad39d687aced7f99dbe144f5c1c90f00"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 3db94e39f770878e63675b0b050ad21a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3db94e39f770878e63675b0b050ad21a.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a669baec7fe41341bd8d941af775c30b53f5415419e3937c51754e6760e422fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3db94e39f770878e63675b0b050ad21a.jpeg
age: 384287
edge-cache-tag: 390532901782122898195527061476017866588,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390532901782122898195527061476017866588,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 628
req-referer: https://nl.motorsport.com/
content-length: 14478
x-request-id: 4d24d5333683994c7395ca251c537b60
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100115-IAD, cache-lax-kwhp1940056-LAX, cache-iad-kcgs7200137-IAD, cache-fra-etou8220093-FRA
last-modified: Sat, 06 Jan 2024 00:40:54 GMT
server: nginx
surrogate-reporting: width=360,height=200,bytes=15951,owidth=1000,oheight=600,obytes=89130,ef=(1,13,17,23,30)
x-timer: S1705100298.503149,VS0,VE1
etag: "8321128cda31e72a5c05fa8625913915"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 31, 1

GET
H2 200 dc11965ef81c01eceb58407355914f0d.jpeg
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_746,y_564/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 11ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_746,y_564/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc11965ef81c01eceb58407355914f0d.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 891a89ae68372d5fd72a72b0410a4e7e13a411101a844b6887acb132eea26195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_746,y_564/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc11965ef81c01eceb58407355914f0d.jpeg
age: 2449588
edge-cache-tag: 510200280429777457001404129006303908064,515418074122831780141237583376596326212,29ecf9b93bbf306179626feeda1fab70
cache-tag: 510200280429777457001404129006303908064,515418074122831780141237583376596326212,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 168
req-referer: https://buergergeld-zahlung.de/
content-length: 7646
x-request-id: c627b68d3ff72c115a5eda2e393f8c87
x-served-by: cache-iad-kjyo7100145-IAD, cache-iad-kiad7000044-IAD, cache-iad-kiad7000057-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 05 Sep 2023 02:35:41 GMT
server: nginx
x-timer: S1705100298.513356,VS0,VE1
etag: "7a7a7c7ac32ac4d49c33021c48bc76fd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 1

GET
H2 200 PL7ORAROEFGUDNJEJBT5WASRIU.JPG%3Fauth%3D0f19ca741c281566b140bddc75994669bd9930e30872fcc9517d0b458f7ffd2f%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 18 KB
19 KB 94ms
93ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/PL7ORAROEFGUDNJEJBT5WASRIU.JPG%3Fauth%3D0f19ca741c281566b140bddc75994669bd9930e30872fcc9517d0b458f7ffd2f%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf3da1613856e652347178a440f693de7776431f59a01da75427e6779cbbcfb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 86
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/PL7ORAROEFGUDNJEJBT5WASRIU.JPG%3Fauth%3D0f19ca741c281566b140bddc75994669bd9930e30872fcc9517d0b458f7ffd2f%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 10245
edge-cache-tag: 583465805026017816612749012254986034109,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 583465805026017816612749012254986034109,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 615
req-referer: https://www.14news.com/
content-length: 18606
x-request-id: 0d516430d4e3e60e41855043aa7728dc
x-served-by: cache-iad-kcgs7200143-IAD, cache-iad-kiad7000156-IAD, cache-lax-kwhp1940081-LAX, cache-iad-kiad7000114-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 12 Jan 2024 20:00:52 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=33076,owidth=1200,oheight=600,obytes=41548,ef=(1,13,17,23,30)
x-timer: S1705100298.513825,VS0,VE86
etag: "011cd25d63116f60f78d267dc502713a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 11, 0

GET
H2 200 1a95b0ef6a1d100818b1f8c51b265e10.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 84 KB
85 KB 11ms
11ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a95b0ef6a1d100818b1f8c51b265e10.jpeg
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82dc0f2ca9a1e7231d3850d0b00fa462efbfb58f047a7376c1d5c753c95cfa96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a95b0ef6a1d100818b1f8c51b265e10.jpeg
age: 3695607
edge-cache-tag: 349887599538672822615869904789293611742,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349887599538672822615869904789293611742,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 284
expiration: expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.eonline.com/
content-length: 86264
x-served-by: cache-iad-kiad7000121-IAD, cache-iad-kjyo7100096-IAD, cache-lax-kwhp1940038-LAX, cache-iad-kcgs7200051-IAD, cache-fra-etou8220093-FRA
last-modified: Mon, 02 Oct 2023 21:22:16 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=83203,owidth=1000,oheight=600,obytes=104598
x-timer: S1705100298.513773,VS0,VE3
etag: "3a924ec866cf01d2f9283f599c8182c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 30, 1, 26, 1

GET
H2 200 YNO5C3H4R5DJBBJFSSVV547XAI.jpg%3Fauth%3D99da5c6989ff7502d8f13e9e27e354dea4034908432f550c69bbaa34bfe49370%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 25 KB
26 KB 10ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/YNO5C3H4R5DJBBJFSSVV547XAI.jpg%3Fauth%3D99da5c6989ff7502d8f13e9e27e354dea4034908432f550c69bbaa34bfe49370%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fb56925c744b035b3949d28e0d9ba6ffb7f3de3478719efc82fa8c242eebf552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/YNO5C3H4R5DJBBJFSSVV547XAI.jpg%3Fauth%3D99da5c6989ff7502d8f13e9e27e354dea4034908432f550c69bbaa34bfe49370%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1247457
edge-cache-tag: 372861709335879520394173608537973131913,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
cache-tag: 372861709335879520394173608537973131913,353196310804917030240392946482892707272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 741
req-referer: https://www.14news.com/
content-length: 25468
x-request-id: 9505d335e908c5d181751f860c20c4ef
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kiad7000023-IAD, cache-lga21944-LGA, cache-iad-kjyo7100041-IAD, cache-fra-etou8220093-FRA
last-modified: Fri, 29 Dec 2023 10:22:52 GMT
server: nginx
surrogate-reporting: width=1140,height=634,bytes=45207,owidth=1200,oheight=600,obytes=58602,ef=(1,13,17,23,30)
x-timer: S1705100298.525477,VS0,VE2
etag: "e42eaae32b34c302381c5aa9706a15d9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 167, 1

GET
H2 200 3O4RFOIHSBG2PBXQWS55QMTV3A.jpg%3Fauth%3D3013bebe76ed65e14ea153cd946def9467ce9eb281d90065ac1a165841c86ebb%26width%3D1200%26height%3D600%26smart%3Dtrue
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/ 52 KB
53 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3O4RFOIHSBG2PBXQWS55QMTV3A.jpg%3Fauth%3D3013bebe76ed65e14ea153cd946def9467ce9eb281d90065ac1a165841c86ebb%26width%3D1200%26height%3D600%26smart%3Dtrue
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e12f41affbe93a49de1cc76a7490afe737e5bab49b590c56da916c020d35c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_634%2Cw_1140%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gray-wfie-prod.cdn.arcpublishing.com/resizer/v2/3O4RFOIHSBG2PBXQWS55QMTV3A.jpg%3Fauth%3D3013bebe76ed65e14ea153cd946def9467ce9eb281d90065ac1a165841c86ebb%26width%3D1200%26height%3D600%26smart%3Dtrue
age: 1848570
edge-cache-tag: 591537975104685991240517463783121531658,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591537975104685991240517463783121531658,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 289
expiration: expiry-date="Fri, 19 Jan 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.14news.com/2023/10/18/halloween-display-pokes-fun-princeton-walmart-pole-accidents/
content-length: 53682
x-served-by: cache-iad-kiad7000177-IAD, cache-iad-kiad7000115-IAD, cache-ewr18133-EWR, cache-iad-kcgs7200163-IAD, cache-fra-etou8220093-FRA
last-modified: Tue, 19 Dec 2023 13:03:59 GMT
server: nginx
surrogate-reporting: width=1079,height=600,bytes=65385,owidth=1200,oheight=600,obytes=85186,ef=(1,13,17,23,30)
x-timer: S1705100298.525669,VS0,VE1
etag: "3d152f841207697c2ef7a8da5c2e3edf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 1

GET
H2 200 cmAdService.js Show response
vidstat.taboola.com/vpaid/units/33_7_3/infra/ 46 KB
12 KB 8ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmAdService.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_7_3/infra/cmTagRECO_REEL_WIDGET.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-meta-mtime: 1704535345
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 564873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1704535345
x-amz-meta-mode: 33188
content-length: 11556
x-served-by: cache-fra-etou8220093-FRA
last-modified: Sat, 06 Jan 2024 10:02:26 GMT
server: AmazonS3
x-timer: S1705100297.482622,VS0,VE0
etag: "395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: LSpxDgW8A_hZJ5Z9l1dsPchg2ABAbsUZLlTOpr0o2wxfJRgcDXJ2Ow==
x-cache-hits: 522377

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3040706438601181&vrg=202401040101&nw_id=63316753&nslots=4&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C676982961%2C21065724&pub_url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&qid=CPrzzcv52IMDFa3BuwgdsF4Avg&iu=%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana&e=0&ret=300x600&req=300x600%7C300x250&bm=0&efh=1&stk=1&ifi=4

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0945
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1

43 B
733 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNVoVQ9puWQkCwfX0Ef21ZZ1tAiMjkEPtN2X7kinOMYVPwOWNLAGALoFCDe6uMvW6UDZI_yRhgp5RoHI1c1GiXpL_qBLRjGyOB63Gw36AVvG16d63-ELCONBaLWp4qrA30cE38EVL-wqIOt9ex6ol8o6wzGSRG7dR6RPFK2CxgzgMyDzcNI
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVU9ZhEYJofVIaUX4Ck0%2F0XXSg7BWAX9XezJmKswH%2FiLGU2kp3Enlo57amsbgW%2BF8UjDbsswz6sHjjnXVgNR7Su9jDQiFLccFByJUsu91neEr0VLg5URm1vuE7E6wlzjfhcXGD%2FiOc1CfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900dbfaaf5d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0945
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaHECGceIg1qSUvyjIeadgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1

43 B
734 B

33ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNVoVQ9puWQkCwfX0Ef21ZZ1tAiMjkEPtN2X7kinOMYVPwOWNLAGALoFCDe6uMvW6UDZI_yRhgp5RoHI1c1GiXpL_qBLRjGyOB63Gw36AVvG16d63-ELCONBaLWp4qrA30cE38EVL-wqIOt9ex6ol8o6wzGSRG7dR6RPFK2CxgzgMyDzcNI
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAaPYTZE8bbsUSoif61WR91IOjfKPWgwYXyyxzHAnbSJy%2FJ2wglhNPvtm8iV4oW4WfY8cDBkoid6Z%2FlL7SLmCypLjsh%2F%2FZE34x7UH79VgEi3ZSlauyeC40XA9Dia7VKYlDfPewwgmjCw%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844900dc1ac55d80-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2YwprkMyW4j6Bkr6u1cB4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0945
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC8txFFXY0C5K5upZMHKeiE&google_cver=1

43 B
1011 B

13ms
13ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC8txFFXY0C5K5upZMHKeiE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLify4ECMAE&v=APEucNVoVQ9puWQkCwfX0Ef21ZZ1tAiMjkEPtN2X7kinOMYVPwOWNLAGALoFCDe6uMvW6UDZI_yRhgp5RoHI1c1GiXpL_qBLRjGyOB63Gw36AVvG16d63-ELCONBaLWp4qrA30cE38EVL-wqIOt9ex6ol8o6wzGSRG7dR6RPFK2CxgzgMyDzcNI

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
an-x-request-uuid: 3847eaf9-4ee6-41f8-a49c-03cd38298267
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC8txFFXY0C5K5upZMHKeiE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0945
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDg0MTc3MjIyNzUyNzk2OQ%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDg0MTc3MjIyNzUyNzk2OQ%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
an-x-request-uuid: ef93e65d-11c3-42e8-807b-99a0419431f0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDg0MTc3MjIyNzUyNzk2OQ%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9B40 111 KB
39 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
Origin: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 9B40 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOL5PhJ91nmJ0SEO2-iKggKdX-6lrph7BKGQ1oI1eM4dpcsp03DtUfwr3FUDePpPoJliTIqfs-1Oy1h2_3NrhI11bOVZZB9gtyA_-ZtCuZGGsJ-uXK1FYpZjX_-2aaj2dxiqOYhTxXTvgjIzSz0n-5UK-31g-CwA32n71f-wB68pG5lu0&dbm_d=AKAmf-BgAYpywMzmxPzFlaM8KOcoA24KNnqoXIMFCbMqVTwIWqedlDgrvfS5DK9c6J-3tNPBDWr20xXcudqhmm475HwXEbeHIn82u2Dm7UHnvZB9XVj15WeTW1qaU3J0EVKT3206hKlkMpEO7hFJZuyUqFKmOoagzAp12QaLdRHsUGS4M0Hxldly3gOoFj6XPIJ7hKKgLi1IDQ-nAHuSfNmkrKSpwteh2i2yEt3sksEhjGb6InAvgZvpnh2tXXmW34AqHXqSZRkDPpSdgm-POlzB6mKfulQsjUN3nBSS9qQT0kVH4oOz1A6wvOVbmT4RauNHe705E5uHOMLEgxWjOAqg2F0ag2mlabj98U4cd354PRwtQ8I1-kAVF5z5-EcLjfNThTVK3fmA_Fu58gbaRTVGh_LjfZ8HY8HCrDiF4iENny7nKpf5JtDKqs4I1_FawzuhO0o8FR3T6cCoPd4rnQQPHRCluh_qKnas2ij0X9EQefu8QZujI5Vb5jCwjXNTKv_KLA7vJetKVOhKPJl8evTbiII2dKeMrDyjDp_98J-xV2ms5MsyDh_6Q8v8fBiWAT2eNbnei8mfoC1GAmo-a2mqKQnEqtIZWONXu3YnAw2MTVRseWi6aLVG1hvfkVlwJtfhg-blkmdgWigU6PhVdFDIaAUhBIyXKoU5Q2XA9ZmobIBHcf9Gfl5XFYfcZ69u5td-z5y-r2zyX2EQMeE9ZkxqKCOD1cMbKVkYtTqV1y1l1mXjidWFCYnNc-DlSI4pwKxmgIpSRZh8gHbi4EYjkF0BGhRM9ZR0b8i7P82HENwrCuiN4_rY61W1yxN2HP087DHXHL01InJVRhWEzK8d4xUYrfeIf49jQPWujqAh5RT3r4Fb4JVIdgBb7VU6a2kQk9W_MShvpH6JIkXeV6_qGP3ZMQFe3SsHIrnVUXujSfR_JGNta3uRe2wBr2acVMVDLnzJyg6J1CevZPFX0me2fY2h6ELqtGVGr2sonnd6qEsaph5EcVg4VZba1b8d3HDfqjCoWVcIjRU6eLp6An7mxAiCBTrK0OSpTkOLM89uSoxrJf4iBnuYmTvh-75KjC1evtawlIkRiJBWaFGNhoAptZXci0nk7V54hj1F8GVB11BG63XFbq2LkK6MLqJs3Jr8pZmhGPVGGNVPreV8-Nr7WPO8UurflIlT-jJ6Fs9_1VvxS4ooGRQL1GME0FV8CHt0_VeWPz1vY7zM3ls2-9m1OUpOAHT0TE1rp9B7fFQIaTU7k8a4N1Te1FtE3YAd5ZwwlK13SbgnBq6Qka5V2NpJ5lqfXlIve_bVbpTbU_yY_7zLrMvKQdaHkOuZ3jr3xk-StKW-KvQZ2ptlemm_QaL7-gcYFXNuya-M3-6rgRyDM-r0cFsqExgPq4ZzArEakLT-7PJJSqbj4asz7-yvk3mZQ8MbuF8mAd0VfHAmLgniHwB8Q70TTRWxCUjhGy-Vl-d-7q44FJSC1zFl-W7oH_RxCe4zEaO0AQJYs2CdCEh2KXUtUe_6iWWOemoD6wKsD499gyvhiengUULJebqcK00jtgCTb8dQM4kz0V_wqM8xJadxsWb6D6Rr9enyqtCvSPOqi5PlA8Z_leGZl_19JXWBrIsZoqMQUxklXpkspVgOfKMKVP_cfNaBuEB1KmG2mjRA1T0HOKnk365lOK13-7uhW30ov8gyW2Rqw3OmN9phKlJoG0yf5twCTRv9wORYdE3W7KHWq_cqOMqiKGgNE0VlE5vTbERh-PHdTF8VhVo0FZEL95doxw0auhao8gZlnr1BK44K4B5j9DDgKb2ZxZIqIC4_2oGA_kNxQN74h9ZrwxfN0IyVxmfa3exNOoyvfJlUmlia050bJzQwXK6AWgMWfx2jZK_V43JMjAzgmynXYClJ7hKs__OAzadJfN0af5jPaXbjz639Hf05pJy1qDD2WRUTWZAQHpuzqfLGeKHMgWCYaUJBMAlMf7_FHJTipX64PjViREgmKbj9GL8FCfg1mCEvsNsghSo2znAXTfv_l3ZEaFFlwNPIssjP_lwbxh_cz8zcFdSb-ByjxwsMTgvxIWV2G7BeKB7RIwyDBgYAUmK_6QnhZC_shV2cqqcQGmGQ3yJko828Upgh6kc-JP5vMFpdl3z9uJKNHTbU1htba9ti81C9--ZwFM_8m9aN5vnfGvJcxg4IChANrfhjphx73gCL1twAbnKi4tvkpY-drRULCZUhPhH0Ws523Nd5O8zbN3WBOdafMj8lrhRAreN0KxZcN5GPCszhM9sTlwKc3N_Uj6D7-VMM3iEfM2FUyekOo3S5bbE5ohQFJ0iZ-vLZXCFOy5g4cvNwi1hBGE18Npq_9a5gIZ3DsTyU5u-GGYHesygI7MA4WqwY07NTqOJJkcB9rHYBitSgM6TeLX_YF11Ur5g-98xvJcMrVUunCvduEqr8HKOj0IXBr2o4_yMYqz58Zn0lGlEVHPFUh9nrjWhRv3KitTpDH4zOKCojGHwtnHvUu_5wn_cbRtzJFAqK9MleelKM4i0KWp4CEPtMJXK2yx9Qtw-X_ylKM4FCDfnGbCfqlUfaLLCBE3NGTT9XLNSrN4lBOwjL_pTEj08VTcaWlc61XGl_JDWLq_xHfLWDAQ8Ao81zcQNUMmItt0cXp2a-hsWpYxi4PHaiAK_kQCQbwnbC1fe4pYURf_OKDx1UQTVEIQ7qayhR0fo6Ci7Y3m0_zBtH1jp_NlXhYvpIn7Ze7DVkO3tRPcMb05iJreTnXO89ugDelQ0tDQKPj9lXIIljSOd9Z_-rEvJnnVfjJEQLtTjX2v1m--nlWu5CqeaH6BnZqiWxydB3HL_aVkntQqIs_po4r6nbld2y4r75yf0AN_usF3FtZHDqlY4OVlmr2iInnByKRpTavmzcah9btoYU_jIrC9ZU4jBJao68SG8jN-OdLxI0flvmM02wu7V10VJUVDvk6X1UDpes1Tnzia5hRshOKRRErg_YDCU5Cn9YUQ7vf_aMIISWi1_gfSy8qOf75lqs0sag8KP-yK86CvxCoi1YLjIwz3XoIN77CYTO9CIuz5doBFskQyWS_NQpA4Melqkz3PuJCimCcP6jVJjwAuqZN2PafCCkO55MuHZWjFFBnZ543D9AxEhJwKOlXWouFS2aMjlxTreCr9u27CCNbfzdqtZLKvEA616IdeCWWTHjwnjrAYBl6cFogbk9XlEZc7aMP86RwLlr-nAlHniwIub1Paj0DKEePdDr0_STfzKKA2E-CW48mpo7pdbx6dU5bNusPvl5SlLCD8YdGUCKaZg7vHVG1vmSZIAk3KH2zPdbINqx3weigjDEZukNmiPYFgiiLkGLUjRyCUrC__Qfx-hYWtOscjVRJyxDcpR429D6-mkCTiFzqRJ3IcZ6zZXPBUE6qyeNkkS5YDKwHgfmkofgQbEnD531O3jAVd3Bi60BIZcVSizvoMCUYPCnttwFfzWbbcUGxvCgIkHDkwXcnOViYPxcBTCq4J-L542AEsko8LwG_3ADMbTl_DFzpL_NbnxMZ7X73YP5igItPjgHwhFO4Hl_S3cZSkuNmusjqq-rJHuLpUlPGLrMIRIIBu2yIB_cIv092Bh7R873JxTwtCYHDZD_dNIspBIkvSI35o2Ao67ofbF1EHFlRD_qT1D2uRqSsZuHVd5zTGAUvqn0twapo60eWCb24X_RYfsgBw4G2X9VYbA1QitAsJVKxjKSn4TC8WUKSFAzef_NVY6kLbjjjcTvTKbpZs2pCig7bqMv0W-TVP1vIcBAdBJDT4NfLQrqvaKSE0vKK1cKdUqeEN5iVVwQQoN_A1hlKw58aIda_Q-6hKwW_6N1OkMnR5u_idoqRicYez72Lbg8sk-OUp5WW7Wipls91VL9m03qYnyhkEu67PFRaaAT1FGrco6TPPWfMbdoV5LEythYEkUxtXMybD0wajtc8tXTWOXeZkPytc7cVn0LH8vmI1uosROCC6C65-7B&cid=CAQSTgAvHhf_lkHrgfUobPwpDFtLYZasvfRoILKo1Wxt1-y6D2_n8NXroYs7A4MH6cv9JxYLnjYKJ4khDm-FPsoBEHjXd-kzLxk5IQONyOTAWRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.14news.com%2F&ds=l&xdt=1&iif=1&cor=17700425428629393000&adk=388007312&idt=78&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 9B40 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:52:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B40 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
DATA 200
OK truncated
/ Frame 9B40 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb0e0342a966128ec6a26d0320b49c8af9ca3bfc3a5b7cc688ae2a4cbbff506

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bulk Show response
trc.taboola.com/graytv-14news/log/3/ 0
319 B 25ms
25ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/graytv-14news/log/3/bulk?tvi2=13529&tvi48=10638&tvi50=11104&route=AM%3AAM%3AV&lti=deflated&bulkSize=19
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 19
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7508
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
server: nginx
x-timer: S1705100298.601013,VS0,VE19
content-type: image/gif
access-control-allow-origin: https://www.14news.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BFD9 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame BFD9 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7849941690979828464/ Frame 275B 15 KB
5 KB 21ms
7ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d781bb8800ce7a95168ca8e02a9e9f7c18382aa832a8ba222ad82a73ffa73759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9392
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4936
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 20:21:45 GMT
expires: Sat, 11 Jan 2025 20:21:45 GMT
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9B40 0
0 132ms
62ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_8HpvnQMyj7LghNm4WwTNqfI_zz_-sju14ANkONs1pykH82J1sdQ6QQ6lGcxjrvmMQHi_OZzw--WGunHGFW7SotmNnFjDVgXN4MorPral2r4NhqL6njgN0yFMAmG-u2h419c24jYG5IgVRDSvA1GLD5GNglUO0iGDMoh_3bDy9uoB-xGIaFurRdnB5HZ5XHImD1GLow8ra-HKe5McwJF5AbkpbwBdYluw0S8tqDP7NubPxb9zLmq_P5zNrxdW6ntxjR_IOB6yLMpj2AAQ-3dC9QCQF0-IaQM65d-VsBDXrIW43z5HliePqrWD9gkAlq4VhIU0MWqxWssiiOyVgJit8mzOCahZKsSAxJkWlFKGF7ti4Cdy6hLd6ksv4b8yasC_R_34rn12t-XC7wLHCZLFoCXNMEle_TLqhd52QNnOjIMJTG7aXBKQpE5bqRj-FsY9Hqc97l4pvi-xUhrtcdg4CKQtIGYjKyRvntztqIJoSrSNbfF-JJB0Sjcay-cOcHIviIr2WA6a4O3WFNGA1p6-45qf8IxkJr9r1rMVKvK4wP5RSFNO_eBon8A8ox_Hch0mbeHWUvyd9kYZCH5zfzbSTxeZ4G5k_Jf3NRcaAhUGP6uSc77MdoG71nTXknBitHamhLcuecaBcQ_w4aD3d6UEB8LtZhkfqY8zBwHUi_Wl9XZP47rlBJn-sBIv_oslqZLWgyhtaaehtIPD9g-vSr6E913w-kNiH7rnAuUVjxfFemi8QIic2fNoumjI95DGHdzNoQ6IW68goHOT2lP_bZ7fcCCAeau23hiD-d8XL6M60ZCE0xU8qPUsjPQPwxuyGb88EA97RFRwMtYXptqCS1d5o4MP1CbCM4op7Mi9_GEADX_o563mrDnAm2RayMPpUUyKB-qWBiW4jhNStVvZzJzZwN6weaeFFFPVRf0KqoYSRLJehkw6BlXQqLwkTZ0E13P8VaXhKVnFSdWMcwJDDht_GxxZtCcXup5yL7iIqV8EyHVVT8ECs-Y7gXHfbD3YtRKbdFshCi3mj68KpaAw3oE37olWGml9KqY03F6XfeNNDn6sOlpdMT9tZ-cBFHL9z9v5-mvE1uOp9TLAIrOFBNYvSiIyQyJgfSA0ilsC0ZM_KCd9fz0QQTly8a4NcJhin-Hcgkn2HnucEtjjtJyiTlsY7c_Trbs8B-AN9ruV1JK11DgumvQlEjGikQxQOtRPJljuPfzJ4169gfDsZ4ZCVcg5BsXbTPLIqXJ68sl1zbMTbYKheHg72jLWabolSLyIVQGx5kxr5p0x9zZojIQIkBZPSG0_ydR1RHBznsYbImh1k_SHTlgLr-8P1W9m_NIs0oeGrZvHueSGRW0doehAJVqDCG5Hqsn424xZpDd6o1_AtXyndGfKNVHnpaNvx-MUUCyppw&sai=AMfl-YSlF5Psy1gzaTKoELtEHxKQ5DxWGEybKnrngaBgpAwr2iTCxIFDKozVTh_hJ7onqtp6EVeKczW0PT_dnGthA2HRYon7Sf9QvZDaef6g-j6kV6Q6th8lrnVr6IfbqCY-H2bkccg_hYrf5UKCjFeJRFT5PQOm3k_4_AX_3TqizPJhDjYOOiMwgRO4f92fL5bL_4zoR2pzIWbz1LKKi6HY8dKXvaEpZF3RdqiXPZ49P4MYiVp4iI-4yMc4Lo2x2e8keEdmv6ab9DlQozUhuJ1G-FZjRP9xqZubHDNjjg&sig=Cg0ArKJSzIjOEiZBMQQEEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=59&cbvp=1&cstd=58&cisv=r20240108.44923&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 9B40 43 B
1 KB 98ms
21ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015387910&extPm=540200888&extCr=20923846989&gdpr=&gdpr_consent=&rnd=3315498020

Requested by

Host: 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
URL: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 12 Jan 2024 22:58:16 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 12 Jan 2024 10:58:17 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 9B40
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=3315498020&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=3315498020&gdpr=&gdp...

42 B
732 B

36ms
36ms

Image
image/gif

52.51.166.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=3315498020&gdpr=&gdpr_consent=

Requested by

Host: 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
URL: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

52.51.166.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-166-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-047246365.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 4cDVNL1oQL8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0403cf5e4.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: hO/SYKCwS0s=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=207745936&d_placement=383976328&d_campaign=31090180&d_bust=3315498020&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
740 B 7ms
6ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 10904
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1705100298.658990,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4700

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 275B 236 KB
63 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 22:58:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9B40 0
0 65ms
57ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_8HpvnQMyj7LghNm4WwTNqfI_zz_-sju14ANkONs1pykH82J1sdQ6QQ6lGcxjrvmMQHi_OZzw--WGunHGFW7SotmNnFjDVgXN4MorPral2r4NhqL6njgN0yFMAmG-u2h419c24jYG5IgVRDSvA1GLD5GNglUO0iGDMoh_3bDy9uoB-xGIaFurRdnB5HZ5XHImD1GLow8ra-HKe5McwJF5AbkpbwBdYluw0S8tqDP7NubPxb9zLmq_P5zNrxdW6ntxjR_IOB6yLMpj2AAQ-3dC9QCQF0-IaQM65d-VsBDXrIW43z5HliePqrWD9gkAlq4VhIU0MWqxWssiiOyVgJit8mzOCahZKsSAxJkWlFKGF7ti4Cdy6hLd6ksv4b8yasC_R_34rn12t-XC7wLHCZLFoCXNMEle_TLqhd52QNnOjIMJTG7aXBKQpE5bqRj-FsY9Hqc97l4pvi-xUhrtcdg4CKQtIGYjKyRvntztqIJoSrSNbfF-JJB0Sjcay-cOcHIviIr2WA6a4O3WFNGA1p6-45qf8IxkJr9r1rMVKvK4wP5RSFNO_eBon8A8ox_Hch0mbeHWUvyd9kYZCH5zfzbSTxeZ4G5k_Jf3NRcaAhUGP6uSc77MdoG71nTXknBitHamhLcuecaBcQ_w4aD3d6UEB8LtZhkfqY8zBwHUi_Wl9XZP47rlBJn-sBIv_oslqZLWgyhtaaehtIPD9g-vSr6E913w-kNiH7rnAuUVjxfFemi8QIic2fNoumjI95DGHdzNoQ6IW68goHOT2lP_bZ7fcCCAeau23hiD-d8XL6M60ZCE0xU8qPUsjPQPwxuyGb88EA97RFRwMtYXptqCS1d5o4MP1CbCM4op7Mi9_GEADX_o563mrDnAm2RayMPpUUyKB-qWBiW4jhNStVvZzJzZwN6weaeFFFPVRf0KqoYSRLJehkw6BlXQqLwkTZ0E13P8VaXhKVnFSdWMcwJDDht_GxxZtCcXup5yL7iIqV8EyHVVT8ECs-Y7gXHfbD3YtRKbdFshCi3mj68KpaAw3oE37olWGml9KqY03F6XfeNNDn6sOlpdMT9tZ-cBFHL9z9v5-mvE1uOp9TLAIrOFBNYvSiIyQyJgfSA0ilsC0ZM_KCd9fz0QQTly8a4NcJhin-Hcgkn2HnucEtjjtJyiTlsY7c_Trbs8B-AN9ruV1JK11DgumvQlEjGikQxQOtRPJljuPfzJ4169gfDsZ4ZCVcg5BsXbTPLIqXJ68sl1zbMTbYKheHg72jLWabolSLyIVQGx5kxr5p0x9zZojIQIkBZPSG0_ydR1RHBznsYbImh1k_SHTlgLr-8P1W9m_NIs0oeGrZvHueSGRW0doehAJVqDCG5Hqsn424xZpDd6o1_AtXyndGfKNVHnpaNvx-MUUCyppw&sai=AMfl-YSlF5Psy1gzaTKoELtEHxKQ5DxWGEybKnrngaBgpAwr2iTCxIFDKozVTh_hJ7onqtp6EVeKczW0PT_dnGthA2HRYon7Sf9QvZDaef6g-j6kV6Q6th8lrnVr6IfbqCY-H2bkccg_hYrf5UKCjFeJRFT5PQOm3k_4_AX_3TqizPJhDjYOOiMwgRO4f92fL5bL_4zoR2pzIWbz1LKKi6HY8dKXvaEpZF3RdqiXPZ49P4MYiVp4iI-4yMc4Lo2x2e8keEdmv6ab9DlQozUhuJ1G-FZjRP9xqZubHDNjjg&sig=Cg0ArKJSzIjOEiZBMQQEEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=122&vt=11&dtpt=63&dett=3&cstd=58&cisv=r20240108.44923&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFD9 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaBJSCcShZf6WGs3UjuwPpcqY6AkAAAAAOAHgBAI&bg=!wsGlwY7NAAaumcC-jpk7ADQBe5WfOCbzjq5RUnek-A3AbNLjMlUOcz_XXYILyFVnZlvVKBO1jJyD9pjWGe9kh2R02UpgAgAAADZSAAAAAWgBBwoAG66lGgTL8WdutljvYQNW8JzZDOLlSAqX3aSXgpkDTpw7ljOjlSRbk13Ti6E2DVmYPLpld_4T4UrbjHLMh0bDrg3ljJgPUrjNQy1txbVsDg0jrRQnWco8Thk-F-wOS93bbfRpVv0X5UEi0HAOZgU_VTwlj7acLX59nRJ7AR6L0hYpB3178hy8i67vbL5hIeUSOX8OVqfjdt9wQwHvkiaRNywDPveF4-xJMRwer4ieBxXa5ZXf3qcLRLGlziCpU1Dg019jHvZVaZ1h8wQU1GNp71yBcdgC1oQ0sajKhr9iRCJLQIZYspPZCpsiso_yxcRz8GZ5rHHwL1aS1kLqy5ikfvi--IC4yBRyM1IzqEaCBRT47xeZUqEsVZSyxQOQ8-kt9r_IP9hU_dtMBHFN7zF1DcFaT4m8Lih8oR80v8qVGBpRUw6a8S61yosI5SLdgsDobZBf5sgN6BA8aN7veQBIH1j34-lG8BQtU71qf08huimdh-rmWV3zCDnYz9jau4Ohi83iA_r1L_QRhLArCu1AVxzCgHaHX_YMRZHS0RLh361XbJblmdX88asXV-w5Pk02kwJltnX9Tv4czr2OEldva1b_BMf19HsW8G9AhnvKEAeSSSkm6ObaZqbPvUqSaJJvjLEs7S3M6D6zA-gkHLkz2Sbg_MTSXwPeWI7Mj345uZ5weID7G0FGNyi904v-EaiB32uXmeHjeacNzErOb8cb_s4RzJ-VLUQmEUly05PusyT4vwU02OqGP2XMVpH73f1G3p0ddaXKcJxhBQR2EncSYTMFkRI_AuZ23bKMfUWdwen1mBcXnkUrcnEYlzTlolVjo5PLT6pEoqu7zSrd4FHfwfWOaHTj6X-Axcndyuaf_SB51O5VSnBgjr3vxuYtKtCCi6TfiNmkcmyTSL77dnJTErZV9a0VxvNtNBH7rBO8UQjm0I2mGicZO-9fcuhd7pOe69i1RxbnOHZd2h8eegDuxO0gB2JtyzJ7MHAsi3Ztus3yzwWL_IjPI8-wNJ6SNnJXCG-j-w-Y6E3jI9Sbe3VYthB7lWI5THTaIty0s-59bg_spmSF22sKxIp7h6EIQUnSEY4dJr7bqKfotq-MmDlI9FtC5isSpzzB6INXzprF1KY7QISWneddvuEgnRHX9JWDiACFIjaI7azaJGZZjQ

Requested by

Host: 51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
URL: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3040706438601181&vrg=202401040101&nw_id=63316753&nslots=4&eid=31079956%2C31080255%2C31080295%2C31080441%2C44807747%2C31079525%2C676982961%2C21065724&pub_url=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&qid=CJLPhsz52IMDFSHHuwgdQbkAlA&iu=%2F63316753%2Fwfie%2Fweb%2Fnews%2Findiana&e=0&ret=1024x90&req=1024x90&bm=0&efh=1&stk=1&ifi=4

Requested by

Host: www.14news.com
URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
56ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9980bc795c9f415a9697312eb2c0d1e3766b5e6fa1b19bf90a9bb3c1ebe6fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12349
x-xss-protection: 0

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 302ms
95ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a000034LEzsAAG&gdpr=0&src=pbjs&ver=7.39.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.14news.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
387 B 87ms
86ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.14news.com%2F&domain=www.14news.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 217246
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
415 B 214ms
8ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.14news.com
date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 38ms
29ms XHR
application/json 54.229.214.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.214.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-214-219.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.14news.com
cache-control: no-cache
x-server: 10.45.30.168
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
421 B 31ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: eea3c6f58a0d8b009c0e59cf907a46f4f782436c2442fcce0717b5a115754e7f

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Jan 2024 22:58:17 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.14news.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 11 Feb 2024 22:58:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 22:58:18 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 117ms
21ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 117ms
22ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
94 B 108ms
13ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
182 B 107ms
12ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161733
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 575ms
121ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.14news.com%2F&domain=www.14news.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.14news.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.14news.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 12 Jan 2024 22:58:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 231644
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 03E1 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:49:56 GMT
expires: Sat, 11 Jan 2025 18:49:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9FB8 829 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1535c90c903d9d4a5505ff0ebc9a17d66b1e99be32eec8dd5366c43b2ad02c89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SzHuKTJiL38OQzyVV51_gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.14news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SzHuKTJiL38OQzyVV51_gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 22:58:18 GMT
expires: Fri, 12 Jan 2024 22:58:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 37ms
7ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

917551ba39c949d995c47b45b2697e279343da2ab9cea52e17623fd0d18d6af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.14news.com
date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D61 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstW35YTCdxWwrCT7c1gnJEIHiUln3hX4hiL7qL5ToX3H9dLSMEGV8IKceOJBQ3QBKBZVsvHp52gNPXYRpvI-94RpsS751LI2u0NtNTvgeq_wwg-wOuCwPl9AFvmnIvw8uUS_eSkxt13k7Zykdef3YbT1w&sig=Cg0ArKJSzMt1D1PvH0zhEAE&id=lidar2&mcvt=1003&p=370,1135,970,1435&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3273924756&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100296971&rpt=176&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 03E1 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

POST
H2 200 429.json Show response
id5-sync.com/g/v2/ 251 B
531 B 24ms
9ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/429.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

ef80da214ec4a7d1a936ca301649b300964f804a8e1724ef201572fc1525015b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.14news.com
date: Fri, 12 Jan 2024 22:58:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FB8 0
0 40ms
40ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401040101&jk=3040706438601181&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 03E1 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CYHDtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 23ms
23ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240111-22-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 12 Jan 2024 22:58:18 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 2822
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-etou8220093-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1705100299.538990,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 23
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 7941

GET
H2 200 / Show response
pips.taboola.com/ 4 B
122 B 12ms
6ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230133-FRA
date: Fri, 12 Jan 2024 22:58:18 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.14news.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 284ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=fc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 22:58:18 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B40 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaa_HboG6na8Eb_E_OVgASWR0GgCUeunhbBpvZmLzW8RMsRMV3Y_I9wlnM_RnyYoboDr1giRubqaTtHDLkE8QMmTvdTq_fVq2GFb9Gxu1k_qtXL3fGE72w4ARFzFwJfJ2jRyhEQG4vjue6U3qf3WZ3w6ym&sai=AMfl-YRnMY3HVVXz8TNrQw77dzlgBoG5kukJLLQtwmr2g8T8IP8Er2_Lwgwu_otX6271jQNlEcCMyvWv-cevicQ5Yl_p5P6hnGba-GGrW6_FC8lkzAzZDFr9Sd7bpU7hPAOqadC5189TTnr-azyhOgEx&sig=Cg0ArKJSzPteH6cjmGphEAE&cid=CAQSTgAvHhf_lkHrgfUobPwpDFtLYZasvfRoILKo1Wxt1-y6D2_n8NXroYs7A4MH6cv9JxYLnjYKJ4khDm-FPsoBEHjXd-kzLxk5IQONyOTAWRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=204051294&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705100297304&rpt=284&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/7849941690979828464/ Frame 275B 136 KB
27 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b814e9a40de58a4af2de3381c55ec5b3c42ccb762e9725ece05eb80dca18ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 18:13:51 GMT
date: Fri, 12 Jan 2024 18:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27546
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/7849941690979828464/ Frame 275B 9 KB
2 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0813788b894b1b2d58d6d1d94ca8f1d328d4281541bce894569ecab0cf9931a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 13:07:08 GMT
date: Wed, 10 Jan 2024 13:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2481
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/7849941690979828464/images/ Frame 275B 86 KB
86 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0a772f347241040863bd872f82e51cb34e72e026c9e7b9ce5e44f25d4622c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 15:43:54 GMT
date: Fri, 12 Jan 2024 15:43:54 GMT
x-content-type-options: nosniff
age: 26064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88080
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/7849941690979828464/images/ Frame 275B 32 KB
32 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7849941690979828464/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97713e13d18b1f8b70693b8c096df7355c17431eb8f303563f29b9122685d27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7849941690979828464/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 13:02:03 GMT
date: Fri, 12 Jan 2024 13:02:03 GMT
x-content-type-options: nosniff
age: 35775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32702
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 13:23:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401040101&jk=3040706438601181&bg=!kpGlkd7NAAaumcC-jpk7ADQBe5WfOBIwHZ8tXKgu9WCtP4RiNu4UEAsMeQQKycR1ihDxp9VjBl3wh50LY9mzYVwiyEJlAgAAAEtSAAAAAWgBB5kCtAVCftwyias76St64Q6HxPu3yMeVgAB5xlCcHqFlO6TiiQ2A8boa-nt41GV02mG-JTDg0anRTY_YJRvA4VYhbajRWo2rbfs4WCmPCHgnYpL2r4SgjdYHJllsfZD4zpt4MCyyZlsJmGASls_T-0NDxKz98KdfoDYC95Zg_9Fb4u9-ekf5_2LDhjU3Uk_7mgTY8ixptZdhtDhzZM3fHcIuLnToFINHlUW0Htr-KcE6pYCcI11P4JZhK7o5y296KD5Vi5Nn4d9HzQMs42LnTTzkgALyyANyd0Bs9uYYhYaaBkXI3VhAIy_Qgn53rObZ4YeE8m8KcNrpvh0i1cdak3ra367eEtDLhbN4WtqpR_Gr680E0-tJzsLfaT7oHsvGHvGt8wzxILuQKiJ9bHaNkSjQy0JAwJHYV0Tbm2Uau1cBSyqySgAosRof3IIa9CV2nYOr0gyYnvQ69MUHNQQsbz70qtdJwzElrytEyY8vfwf3TwYpnljQvphz1q0o3YVyOTZ4TKSOBNMoRdNuoNU0rj5g67vCMrHgXPYwUAjJccrz1Ij05oVsOgcAt6TeQ85UJ96f78D2HAnSKTKTmKjpzEGZYENAz-t2RZWpn4AnPaonX7wSjcyiYdJLq6SV7SFDAfDb2xhNHtlibc4-YHI48IArbqPsffY1I6qMiJh0mPBFhJ7ANFsfwzNNyxvZ5rgZITne7MDqbiUloqGSKxP01HmjoLe9cwOXRuKtdiZ34HLxO5tInrIPg9FpB5emxTtaLD-cCyto3AOcmSbDQAvFNuIQX1DmmBSAs-hySd0hZsSj5uWNyu29pbN18a3vnZx2u4aSRfmzQnfNbsoG_n-pm9Ohlkh5Jtyc6uQNRw_R2wZ-rYY1TSBc30AWlfhrdie8hwBm8dkCNCYW0y6CXe8cETmPcXfz3iF2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B40 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7557412229830&version=m202309260101&ct=76&x=1&cor=17700425428629393000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 22:58:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
85 B 114ms
113ms Ping
image/gif 2606:4700:10::6816:49ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 22:58:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.14news.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 844900e3cc31361d-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Fri, 12 Jan 2024 22:58:18 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
300 B 72ms
19ms Image
image/gif 18.239.83.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1705100300329&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.216&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1705100295322&ns_ts=1705100295322&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1705100295322&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.14news.com%2F2023%2F12%2F11%2Fballys-loses-212k-construction-scam-police-say%2F&c8=Bally%E2%80%99s%20loses%20%24212K%20in%20construction%20scam%2C%20police%20say&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-126.ams58.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.14news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:20 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 9p_kgA3GytV5MH04QG_mkJU6kRwQxWRnJk-k4odNmLpbf7C0iGPRCA==

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
2 KB 127ms
126ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=938&height=527&pubid=208401&tagid=1047981&crid=-1&noaop=5&sortOrderType=0&cb=1705100302499&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1588&pt=-1363935250&tz=60&viewable=true&ddast=V885wCLAZA9oJHJyvRIhGA7AWPTlaiRSoAAABgYMD_AEltBrONb7Nxy0y2kVu02m3WytFyttZtHIbVaDBz2JYbIyCpzWC28W02bpnJNnKLVrvNWjlazta6jcOwGg1mDttyYwUjxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQc7yvUEUmk6Hz3Wv1_1-d8Vo7vJ97hq_2y8ZTDZ7xWSvWOwlDrPZ-XmL_Z6X5y1ZTLZujd_uOV1eH9PTb3drPg63W_A3Oz0ut-bh_MsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQABBQPisBEFNSeeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GJJ3BoNDrEApT6SgtQgjAAAAAIrHJoRHJukEFYsq_____VYArgAABDD-l_vqZNEdlHgLAwAAQDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYqBsAgDcBcIJOAKxOQMwOAAAAwJ3___9_PSC1Wlhsq8FgtZwZVy7PZDjcrRymlcXkG4wWtuXEe07AwAgAC8oG-1BIy-M3SFous0FB8dteBhnLZbKfCVuMVpPJZjmcLReTwXA0HI32ZyAmgwGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQw5jHudiOPza3ZzWZr0cjjckucq8latZxtVibncrlxLtei18f0cU5My-FuiwQDpPYieVqkE93E4ZnshhOTy7NxTRaezWAysWxGps1usVt4bJaJWKI5WaQT2WXfWi0sttVgsFrOjCuXZzIc7lYO08pi8g1GC9ty4q95jLvdyGNza3az2Vo08rjcEudqslYtZ5uVyblcbpzLtej1MX2cE9NyuNs3doPVYjCYLFf7xm6wWgwGk-Vq36EzfFefs9F3OKc9Qqk3tv0LbU6DwmWweH8S02LanR1EJ9_RKXN4lAWd0e_3-_1-v9_v9_sNWs_BbFD4hn2XZxgTyWzZ3NggNhgUsURwkU50lofzdHsrRnOX73MRS5Smi3Silwwmm71islcs9hKH2ez8vMV-z8vzliwmW7fGb_ecLq-P6em3uzUfh9st-JudHpdb83BexBLB6SKdiF7G00X9Rw6xGc4Vy-VcM5wrNpNVAgAAAAAAAACwBNNMNwEAAABwMojhZDjcrdPBTCaD4XC1XAAWV6G6fqLMWajDT9Z2XQjNKxcq2k0Va-yxhrM8nKfbWzGau3yfKwMAKDhkttlnBLFWq2UNAABAABsAAEAAN914E0AWxf3___-PAwAAICOHHgAAgP8-oKaZmZmZmRl-BbFYDEb7B6BCrNVqdbuxVqsVkCB2i8kE_v___xMEAAAAAABYASsIAAAAAACA8wI!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=0&ctsldr=0&dtagid=3220885&dpubid=182887&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!esv_vC!lvlstst-in2_vB!lvlstst-in2_vB!lvlstst1_vB!rbcatc_vB!t45!video-reel_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.14news.com&en=1&subu=0
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitRecoReelWidgetDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7061c927f47001f3c693db483656f5424e0507887037d7fd5b82126942286c9f

Request headers

Referer: https://www.14news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 12 Jan 2024 22:58:22 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1433
x-cache: MISS
x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
server: nginx
x-timer: S1705100303.503846,VS0,VE120
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.14news.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:21:32	Name: _li_ss Value: CggKBgjdARD6Fg
.piano.io/	1970-01-20 17:38:22	Name: __cf_bm Value: Eo650d7xJ7nlC0UEFK8qXlLAIdPqvtTiK8BxDfdDR4o-1705100295-1-AcXLgtCqJ/UOF7GW103mha2nY7rX/ak7k+OTBMqlWK2M2apd53eoQ7ObvgJL3jsNJbugAf6NRU0F+WxvKq6GYcw=
.14news.com/	1970-01-21 03:07:08	Name: usprivacy Value: 1---
.14news.com/	1970-01-21 03:07:08	Name: _cb Value: DpgWvpVHD9NrceS6
.14news.com/	1970-01-21 03:07:08	Name: _chartbeat2 Value: .1705100295498.1705100295498.1.DhE6ubDsQ78UCpiWGADaM7QMDaJAWr.1
.14news.com/	1970-01-20 17:38:22	Name: _cb_svref Value: external
www.14news.com/	1970-01-20 18:21:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.14news.com/	1970-01-20 21:57:32	Name: _pubcid Value: 47f0e1b7-badb-4744-ae36-ebf023eeea97
apv-launcher.minute.ly/	1970-01-20 17:48:21	Name: AWSALBCORS Value: G3RZrTeRhVPiY+6stM6b/kYTRadJqzd21rpdAA5CqAsmuSbHM+Io9z2OzCpCkdWBmdBBfN2wUkWJp0Vm09Z8qpZDqV2w+3Qly/JE1inkScHVaUaE8Db9qBfskExV
.14news.com/	1970-01-20 18:21:32	Name: minUnifiedSessionToken10 Value: %7B%22sessionId%22%3A%2246076eebf9-7865b92301-eed686b3e4-b6dbbe3945-a62802fb19%22%2C%22uid%22%3A%2205161bb95a-14cc6045fa-22f3840ec3-9885597307-5278e4aaf0%22%2C%22__sidts__%22%3A1705100295754%2C%22__uidts__%22%3A1705100295754%7D
www.14news.com/	1970-01-21 02:23:56	Name: minVersion Value: {"experiment":853304102,"minFlavor":"Gray Groupmi-scraper-1.17.0.32.js100"}
.14news.com/	1970-01-20 17:39:46	Name: _gid Value: GA1.2.1361826526.1705100296
.14news.com/	1970-01-20 17:38:20	Name: _gat_RMD Value: 1
.14news.com/	1970-01-21 03:14:20	Name: _ga_XTQ191V2PM Value: GS1.1.1705100295.1.0.1705100295.60.0.0
www.14news.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1705100295890%2C%22visitNumber%22%3A1%7D
www.14news.com/	1970-01-21 02:25:22	Name: pnespsdk_visitor Value: xezqetqn5kevi96k
.14news.com/	1970-01-21 03:14:20	Name: _ga Value: GA1.2.1765686019.1705100296
.14news.com/	1970-01-20 17:38:20	Name: _gat Value: 1
.14news.com/	1970-01-21 03:07:08	Name: _awl Value: 2.1705100295.5-abe7e38520e51bf9e2763e959e1ef13e-6763652d6575726f70652d7765737431-0
.adnxs.com/	1970-01-20 19:47:56	Name: icu Value: ChkIuZaEARAKGAEgASgBMIiIh60GOAFAAUgBEIiIh60GGAA.
.adnxs.com/	1970-01-20 19:47:56	Name: uuid2 Value: 6454841772227527969
.casalemedia.com/	1970-01-20 19:47:56	Name: CMPS Value: 3210
.casalemedia.com/	1970-01-21 02:23:56	Name: CMID Value: ZaHECGceIg1qSUvyjIeadgAA
.casalemedia.com/	1970-01-20 19:47:56	Name: CMPRO Value: 3210
.ctnsnet.com/	1970-01-21 02:23:56	Name: cid_02d06bc6f982462e8c0019b2973d3377 Value: 1
.turn.com/	1970-01-20 21:57:32	Name: uid Value: 2984328696174152105
.sitescout.com/	1970-01-21 02:23:56	Name: ssi Value: 52be1a08-571c-465d-8790-38473e4f79e6#1705100296144
.doubleclick.net/	1970-01-21 02:59:56	Name: IDE Value: AHWqTUk-Of0dJy5TAjjPLilG6_qWaRRjDt8WcTvCwp7cR1xKzZi8bk7aeGxNr22Y0Sg
.sitescout.com/	1970-01-20 18:21:32	Name: _ssuma Value: eyIyNCI6MTcwNTEwMDI5NjE1MSwiMzkiOjE3MDUxMDAyOTYxNTEsIjciOjE3MDUxMDAyOTYxNTF9
.adsby.bidtheatre.com/	1970-01-20 17:48:25	Name: __kuid Value: 30876b27-d254-4ccc-a846-f13d4ae04a84.474314296
.adform.net/	1970-01-20 18:22:58	Name: C Value: 1
.yahoo.com/	1970-01-21 02:24:17	Name: A3 Value: d=AQABBAjEoWUCEP7zIET9kPmow5OTdBzCvQkFEgEBAQEVo2WrZQAAAAAA_eMAAA&S=AQAAAlPy2QopiNIgglSgl7qFc-o
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjayNDUxNjQxMhHiM9R1NqiIdA3I9Ajx90wEAGpXl0MlAAAA
.rfihub.com/	1970-01-21 02:59:56	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjayNDUxNjQxMhHiM9R1NqiIdA3I9Ajx90wEAGpXl0MlAAAA
.rfihub.com/	1970-01-21 02:59:56	Name: eud Value: H4sIAAAAAAAA__vFyGtobmBqaGBgZGlmaGkIANMWqNcQAAAA
.adform.net/	1970-01-20 19:04:44	Name: uid Value: 8015212870793150717
.brand-display.com/	1970-01-21 03:14:20	Name: _knxq_ Value: 4d61aa0d-745a-4011-85765188.1705100296.0.1705100296.1705100296
.company-target.com/	1970-01-21 03:14:20	Name: tuuid_lu Value: 1705100296\|ix:0
.company-target.com/	1970-01-21 03:14:20	Name: tuuid Value: 3dad8a88-64bc-4155-91a8-abd08ff700e2
.tapad.com/	1970-01-20 19:04:44	Name: TapAd_TS Value: 1705100296315
.tapad.com/	1970-01-20 19:04:44	Name: TapAd_DID Value: 598b53f4-931c-4503-8148-816d8a58b8c6
.tapad.com/	1970-01-20 19:04:44	Name: TapAd_3WAY_SYNCS Value:
.amazon-adsystem.com/	1970-01-20 23:57:03	Name: ad-id Value: A67hKXLKV0whiV7kfxMogz4
.amazon-adsystem.com/	1970-01-21 03:14:20	Name: ad-privacy Value: 0
.liadm.com/	1970-01-21 03:14:20	Name: lidid Value: 3ff546d7-2a52-409d-9a0f-5668891ba711
www.14news.com/	1970-01-21 02:23:56	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dfc877dcf-3766-4dce-b952-5963ed999c99-tuctc9b4987
.mediago.io/	1970-01-21 02:23:56	Name: __mguid_ Value: acc8ce730df3ee9e2auafu00lrb8owzw
.14news.com/	1970-01-21 02:59:56	Name: __gads Value: ID=04d955d1d07e9475:T=1705100296:RT=1705100296:S=ALNI_MYwXZY4vtEqZPJQNTz038JPSM6Reg
.14news.com/	1970-01-21 02:59:56	Name: __gpi Value: UID=00000d407c3fd497:T=1705100296:RT=1705100296:S=ALNI_MbCS6bJ1ELKsrFY4eY7jHuoa-YVTg
.doubleclick.net/	1970-01-20 21:57:32	Name: APC Value: AfxxVi69xCrqA_N1S8JBQ1DerpS8EQawtRS2IFPWNldUYjXdEoUSxQ
.boadedshedisite.com/	1969-12-31 23:59:59	Name: 071ab26f-7129-4e9b-ad2d-e18a9143f72d-osz-v4 Value: ZcP7TAsODgkV9YASfSoPC3jOpakNEL-koiSRSc4c6QQ8YPvXlP1Iq0jItdhrlHgkLR_JxnkcyRaj2GTzJp2smL1gbANaPcRwIunN5kUidFIG43ayOP4ZIVG4fh8r4-3svs38JcAaSvZYKA4GzCjMJ1aJQFK63w3S19edejHDOEetf86Et2GdedwQWEzTl9rIIb_cr8MPvD3jFJyMGgi081XRzigVzLsO5CR0qgJZSy0WmnV-Kx1GcPlwRI4UVQG-1toS8dTQbxsfrqo-H0BB8fvdEBBscOHA0a8144VMgiy2reE8N5VzuT6VnYWYy7fugRl-OZCrjzphyHfAWRLN-zDY6NWG2BjAJleIKeFPjvx7NG2f6sWpT93RDLYk-JV7R5f4VOn03yXsrIyf267vFXuPpfaTaXmTA13mCsR-V20rEYskZaID5jld4ZdKK4SoESUbbo94IpMQk8Wp_0neS1452OHPiUW6PRnZlwi4M_Ts4cg8k8AwDC2-siB-u83cyUCbtNdRw8FjYpS50VKmYGp6jZ7xma7AwXrjD8njBQ3og77Z7y3-dDDNFCAksuE7sW8rM4GnBfXz9ypfxb24yo043oB6M6VG-6F6iGD0kfkukvi8xBs4F6pJgZOKRz_8CzLEf7XB-56bPd78O9hlgqr8eZoKba3RO0_195mI2JkvrJs9nlg4FdF4Zbz7cX4013FL4rmEEu0hnyF5doYIPKKRuf5D2m8dlmUwX4s-Q1F2FaVC6uWp6TC-3Rle2PTDxeJLVj2NLQsGWwGSjVn-Ws4gYhzCeKQVa22kSYLrlsIFBEzQu4MKFmWqYoKhe3J6zgHOUdRsRnr1z-8rFWzwc-ElXhHuVYrgsOmyy9xHyswNEhcdF9Tg5otat-nGPn7lmXy06OTtrpjOCyMgG7xJ3D6Q8QJJBR9i904lbEWArnyszKnvW9haL61Pne4gpsjCedYsSTy1Yz0is0Q6JkvNixbuQaEu--Op4ritoaa3qBTzmNWkNzCm8eN6-GQO5sFAOd95Zqize3vvqi4u2I8lbYM_gHnRmY0HewkwSM5FrMZR1QSvtoJo__acE_wgZSugy631alroAla8QLGbX1ryI8bK0og-sdecWEjj7a1Tq5TKzVlF-1EdtTDJfXypxrEFzgn6Wa5aqcWDSmOV7LlIFGcjOIxiWPzGQURW96CN-X8
.adnxs.com/	1970-01-21 03:14:20	Name: XANDR_PANID Value: zSaCp7FXYlHydrz2xF-tiymRxIVjJtuedgssdB3MUCBCfgN2BCamg977qwMkVcL8-oXlox23zr81SZz2Fh6GcA9QOdkaJqnlCuNOGLOPqXs.
.adnxs.com/	1970-01-20 19:47:56	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$O9NoD=!@wnfH8K6pQK`!5=E<*L5?%M7Y<8_R2P([^l!she_qrRGdeOf+@Q9`sM7ctp9RFMZ9T5_m!x(4k)UoFY
m.exactag.com/	1970-01-20 19:47:56	Name: exactag_new_gk Value: ec9197c90ab140e0a8ba7f40e3ba8bf2%7C12.03.2024%2022%3A58%3A16
m.exactag.com/	1970-01-20 21:57:32	Name: exactag_new_uk Value: 8ac73fcb812e4ca4a05f582ecf17515e%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: a802c501a61e4a6f994c5ae3
.demdex.net/	1970-01-20 21:57:32	Name: demdex Value: 34224275799112613614442971300529009379
.skydeutschland.demdex.net/	1970-01-20 21:57:32	Name: skydeutschland Value: 34224275799112613614442971300529009379
.www.14news.com/	1970-01-20 17:48:25	Name: RT Value: "z=1&dm=www.14news.com&si=b93db0e3-de8e-46d7-ab0c-fab3848646b2&ss=lrb8ov0m&sl=1&tt=34m&rl=1&ld=34n"
www.14news.com/	1970-01-20 17:38:23	Name: _lr_retry_request Value: true
www.14news.com/	1970-01-20 18:21:32	Name: _lr_env_src_ats Value: false
www.14news.com/	1970-01-20 19:04:44	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-12T22%3A58%3A17%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.14news.com/2023/12/11/ballys-loses-212k-construction-scam-police-say/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.14news.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

51c017a5e8c25e90452fd006e4e67b1b.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api-esp.piano.io
api.rlcdn.com
apv-launcher.minute.ly
b1sync.zemanta.com
boadedshedisite.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.taboola.com
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.ctnsnet.com
cm.g.doubleclick.net
code.jquery.com
config.aps.amazon-adsystem.com
counter.snackly.co
csv9f04.na1.hs-sales-engage.com
d3agakyjgjv5i8.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
euexchangesync.digitaleast.mobi
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gray-config-prod.api.arc-cdn.net
gray-config-prod.api.cdn.arcpublishing.com
gray-wfie-prod.cdn.arcpublishing.com
gray.video-player.arcpublishing.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
m.exactag.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
operationchicken.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.tapad.com
pm-widget.taboola.com
polyfill.io
powa-ingest-prod-us-east-1.video-player.arcpublishing.com
pr-bh.ybp.yahoo.com
r.casalemedia.com
reconditerespect.com
region1.analytics.google.com
rtb.adentifi.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
snippet.minute.ly
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.taboola.com
t.pubmatic.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.14news.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.queryly.com
x.bidswitch.net
api.rlcdn.com
104.115.82.16
108.138.9.235
13.227.219.27
134.122.57.34
141.226.224.32
141.226.228.48
141.95.98.64
151.101.193.44
151.101.65.44
162.19.138.117
172.217.18.98
172.217.23.98
172.64.149.180
172.64.151.101
178.250.1.11
178.250.1.9
18.197.244.187
18.238.243.122
18.238.243.59
18.239.69.131
18.239.83.126
184.30.16.183
184.30.16.195
185.64.189.112
185.64.189.226
185.64.190.78
185.89.210.180
193.0.160.130
199.232.211.52
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.22.230.241
2600:1901:0:4277::1
2600:1901:0:636d::1
2600:9000:2090:8e00:b:5584:2800:93a1
2600:9000:20ab:8c00:8:48e:53c0:93a1
2600:9000:2449:3200:18:1fcd:353:c61
2606:4700:10::6816:49ae
2606:4700:20::681a:ada
2606:4700:20::681a:c56
2606:4700:4400::ac40:95a5
2606:4700::6811:180e
2606:4700::6811:c376
2a00:1450:4001:802::2001
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c0b::9c
2a02:26f0:3100:782::11a6
2a02:26f0:3500:1b::1724:a39b
2a02:26f0:480:184::11a6
2a02:26f0:480:c::210:f18e
2a02:26f0:480:f::213:7ec8
2a04:4e42:200::282
2a04:4e42:200::649
2a04:4e42:200::714
2a05:d018:d29:3602:44eb:b5a2:2ad7:b31f
3.75.62.37
34.111.113.62
34.160.19.107
34.204.155.173
34.235.12.81
34.95.81.168
34.96.71.22
35.186.193.173
35.208.249.213
35.244.193.51
35.71.131.137
37.157.4.28
50.16.139.245
52.46.143.56
52.51.166.94
54.195.229.193
54.229.214.219
70.42.32.159
85.14.248.71
98.98.134.243
01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
061bd84c5a8d909b7cc333ecd68f2247d1b416310bd0e7930a12d6919c8d0127
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0791d2b9d5addb7e98f10930c50b08899ba80729281c889eb876516f0c3cc608
0813788b894b1b2d58d6d1d94ca8f1d328d4281541bce894569ecab0cf9931a6
0925efd0a454e86a5a504b66d15e286a02c6c7a4d5d165074d4876855cad1054
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ada7c9cafcf80d56e351d84b84b549d7b497b41f857360545cc21106192a2f4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3579eeaf1e873085949886f97191f13be80d67d7766a8ac927875d4814347
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76
0df30fce7c84a133286701e1ab930d091d0f02974c960732d5e5cebe946f8fd4
0e12f41affbe93a49de1cc76a7490afe737e5bab49b590c56da916c020d35c30
0e3eb9b59b8481a82782d22fcf3f375966c338a74c2eeeccbb32be0322c75998
1065b76f8f508503c61f9af005835fb71d52355c5f2c77e2946f417abdaa2c9a
10c8b434f6a2204a556decc7b23a99e7f4362d2ec92e7c32cbe4b40ff747a82c
12658ca6492963d8d3876f2e3bc650dc243a1d0fcb17289af9d041cefcf0d43a
1266b2f4d81bd518679a414e72dec16e4ac034d79db7f49a596e7163585b611d
1401a8ba666449ee62c1b48a647c2aad3f6e9aeab8761527b31def9986895eba
146f967b71559850ce961f67fa716019ecce6213b2999db6b6085105b8b412ab
1535c90c903d9d4a5505ff0ebc9a17d66b1e99be32eec8dd5366c43b2ad02c89
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b37241932f01d06d8f1577adc7ab648c59a42b1a933d8c72c4f5f0156bacd5d
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dd57557b7773be094255e161c41e14eb9b4f53563dbd3ab8f44f6dd7bc549ec
1ed866634ca1ce554406640138794d122b9d20cdf8890e0eab112deb400be2a6
213e664e7b96f91a8650c3e51d4f4619ba80cd86c55b16fab43d5e1678cab070
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
23c61c32f9672523bb8773177649c9bcfbe06f7d854bc59ba9bb2f1d70c47784
26c376469434b7afbf788342b6b01a95022cab140fbde901c64c2c7ecd0d36a9
270fd5070205fc001946f3476d38f8914b25f76e088c54fe89bae0934ea86560
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
2804798e0407de865804468798d34c70c05168d410a928a3f8ab53e68ff5279e
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
29c0f1f13d1583fa6e79adbc995ddcfdd1acf1acc7a5be303876a09c4ec3ac28
2c8c769ca87ba4559c3189c1c8f767dac7ad794de3ae8ce20067c16e7c6d5baf
2c9b1510cc6a49af87ded85d0360e352bfcb3f3e1421f2755dd7074fc438c39d
2cce7b0ac94a9c695151595eee7fc6e0fd0e23428c4502fe071fa4a754e175f2
2cebf2e07341ef88988be68ddee292052e3db75b0680fdc2416b8040daa85d3d
2da5a1fe73da03c84740a19a250300cbff20089410277a792ddfc933e3c421fa
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
38a69f0b502012189d612863d86a57c19db5a14889204ca70f0fdbfbaeb6f468
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39827f082c466d9f760b44f31bc93dde0e971f3f0eb2db6bfed1c6a50adf94bf
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a8cb2a35b4a53a24d04769da86cd1c74eebfbb085f0e62fbb4806976a29a505
3c0855e6c01ca96fac090aafacf4c1ef72dba8b5ccd1ddeb12b50904da27a76b
3c33d8450e31c71dd1a35d526dd75e77a5cf41ff93e7befc69b2f0d4410c7c6f
3cc3b607640a300ede0d38b1446d51328e7b20a74725525697cda1bd211e1ff6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3dbcf954026adcc7c128a402c2ab0fbccdb17459cbbbca8897da1edbf3f449
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435513353a8242f38aaeaab41474da209cfc89cb0868d9d19eda800c7050680f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467b7f66c25d0d7a52a220a8b4db5404f17ae600331f77adbca2799799fed5df
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4898194e21038f32b77d621e873217a3e2d330231b652b55821aaaa9b5dfa9a9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49fa442e54fafa1cd1bde7fcaf982dbb42d4116cde685a724ef2e9fd6ddd276b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7a5a4cc369fbf887fc098793578f308d0b3e1f51c6fdb5765e5b433e1dfc89
4bc3c44465097065bb17194097fed95a25ae6badf7f4980efe22e7ab0abc5bac
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d58903f2b2fcbd3dc9adbe40c77cd0d3926f9d1b96394ad957ece8edffd7a97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54648be507bf58a74d0f0ee472daad0b4493a1e10ca6c7f74491949cabfe94ed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b58022d11594ac566af18fc88040258482320395217a571a6b699d587bb71d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ecaf05136b87abab16fa79584af9d61d06e003476b8d16a02701179afd8b5e
58eb11807a0760c15d36291ca18203c79142810a3fc40062f249d36493b96617
5aa0c9b05371634133edb4e47dd8e0b88f86d99fcb2430560ec7ff0ef0ef1bb6
5b2e3942e3500c077fd124f2c39247ee18233993ad858854b27043f15ffdffd0
5c9abb026dcec6d00f1e449a2facd19e45d055fa45ebd158aa3d17631704656f
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e74f6e99eee62860105ac1405237d857d04fd4670b94b61025895d8a36a88ae
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
64bc151d9102351bcba4ed0218f66b9c5d17746610c09c0823261b992e69c665
6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff
6a7a553dcc86cd120aeddfe25d8c9e64a0e03039b9e0793fdfffcf3dea2b4f97
6b1763c93380bd1ab1ddc6ff17ab699c59a31190a7f4585f482b4278372b02c0
6b814e9a40de58a4af2de3381c55ec5b3c42ccb762e9725ece05eb80dca18ad2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6fc13c4d19b26b1eff2ff38da39bdd90bf75537ad6fe35be2aa340557b0ffb71
7061c927f47001f3c693db483656f5424e0507887037d7fd5b82126942286c9f
70628e5f4e459e1ac6e79fe6e63273193a92f07f8e7f1e75595aca6fa6d1603b
708906c5154863a417e3397dbaeab1c3e9d819c2561399d6e914728047a78722
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71ebee5042ab8da799a8fd3468d18df2e9569760f2c96f7d95702839e8c85d5f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e9f8314780f1ce227f0721224dadeb7f6243275cd79fe2b371d4df8b59cc1c
790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb
7a0b63791e2277cd2ee789b648b9a671c806db98d510c22576987ba1b2bbb8ed
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7b5ab9201e2eeea874bff3ed50f642aca2410167f6158a8d713717a33afb1458
7f50c96922fcb3115da46fd6f0fd8dcd6f463db55d60a5bd7962ac30cfda554b
7f6b6487b374de4c5ace167de1183df866dfddef07289acd65eb3e9b36711e0f
810d9203d0e7d3abce29279a90ab99c3472a19cd32a7b96a0e83ceca32064aa2
81448e1799ba21957b6b575d12c098850d466f11b85aa83c0a9e2e7fd9cd9227
8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0
825d6725809a6a6a8b92fa000731e603b6db437bf29f0a2660676a33a5b711a2
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82dc0f2ca9a1e7231d3850d0b00fa462efbfb58f047a7376c1d5c753c95cfa96
836aa7c59c712693d6287296e9f8dd781ce548557efd9667c7a36c63238be50e
85c3f30e13dd1c75af600fc9ef76e9ee016dee2480b72e70a817433c22edf1a9
87832cd18d93500a00998fae0c6b7b6b85362f1ab8de3e4e801fe713ae6e616f
8906e30acdf2d0f372ad90a825ed3510a113b3f51b5e5e2ac7f74ad7d8ba1bdd
891a89ae68372d5fd72a72b0410a4e7e13a411101a844b6887acb132eea26195
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8c087efae3c307d5a0b1f826a155c8997f32630f9fcb9c25c8f2a971f082a869
8c38e9c181eb2be0fdeadabd24b360e522cf55edc518fc4938a1026ae9a8e7ee
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9c0d41fcbf06a5409e7643a36c128d351ea1e3e11ffa94d68cb177c4c6cbd0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
917551ba39c949d995c47b45b2697e279343da2ab9cea52e17623fd0d18d6af5
93cd81c46cbd4bfe6f4719e75bdce456bdce53bf66078c7b9f024da7288fc669
95eb967be6262a54576a55fa8104a3a2068e1d2ac355ba8a6f7c2ac57a51c873
97713e13d18b1f8b70693b8c096df7355c17431eb8f303563f29b9122685d27a
979a4488476df65bbb13f7d321ac8bdd35cafd9776e677aee331a75bebe35f92
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c9745c70198f745a304802a69ba2139c8efec63e6c8a3b587c7500eb1c3430f
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a06a67881c3075a265604996608a7e9266c8c10b1e3fc21f6904c24123792c5f
a157a9c961e65d38637a91ab9dfa5317d7d447e991caf9a7967e9f85db9b7da8
a1e2f8324ff598954b87892626060523b886af0898c423dd7fb9ae0c639d9841
a3704830fec3575491f1bdf729ec4cd621bad7120e072f427ae1f84e31129590
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a669baec7fe41341bd8d941af775c30b53f5415419e3937c51754e6760e422fc
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9edbe3c7428f920513f69711d1d77a4a73b4703c17bed30e72a8f74bfa2ed37
aa9c33528205144f5140a9725b403db7fac0d856a9f2bb52d9770cfda89fbc26
ac739e13d1b49733fe94e5c12fd737eabc9f94792b84e12b52b77a3c757cf0ea
adb0e0342a966128ec6a26d0320b49c8af9ca3bfc3a5b7cc688ae2a4cbbff506
ae2e26dd5055b20d2b55e5efec136e5da433dc3a75df7d266467bb93c998f33f
ae8640ae72685c66453d878540f6a525fb1efdaf429a0dbbf19e5e3c4aac89c4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af387702f874418048fe17d5682589c1a68b4ab7011f27c71b77e3abad578d51
af8364a15c1a9a4e1f19e6c322cd846ed364fdfcdfc11bbdafbde1643e44fa62
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a33d3bdbbbe2fa8cd09a00b357906d17f9ca511907fc5e2a138a613e0729ed
b706f95f8e2669bea222c370517e315d74fc704b55ac06520c6bc8041b3af417
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc57af050f429a7b560c12ddb9e9f6d3bd666ab5141c4c575771ba2c16e79bdc
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd4a751b13052d875779496873ab59d9920fbb8fcbc597a2573a429d1c5c8037
bd7f466942fd97a4045711374f787d5ae4d8dcd165ecffdac19529062fbd4aa3
bebbe726fdc492f9d090ca609389f1e862382a8851bb6b6b6af7c3d88cff81d4
c007337f79c82a24ecf5c7c146413979a53414902177298db0b888e1bf59e5e6
c126831cd4a8844d580f97f9d7714e175fd8a1f7e484c29fd1479921dcf2a808
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c2bacd1c75c86a25cab6e257d911e0e50b9e811f1e296071066e7d619d96abd2
c30294b9ed135300cc522b9e1ca129bde1bc00706bca88b77305df9ff52daa5b
c33412ba91028feec6a26b56c72f3ce03a24512785c25247447c2d1e81c8ff13
c57ab771b823835b5ac06e652658012751b8fcb7ae801cc44889b8b5e500f4fd
c5fc764b04ac9993abcdeddf3fe3ab542ba8d3af83c43601373e16541c19d681
c746f51c744930802c64fed29f2a07ae06b30f5891a91f662a537f3a89e21a7f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ceafc88969c3ce51e246e5ccc956c874a76729ee0f2757dd474a45a4e36a583e
cf0ae7fb4f8ccb38d3665915d6506e6cba5aaba33862fff92c2603426c407a79
cf3da1613856e652347178a440f693de7776431f59a01da75427e6779cbbcfb6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7253052e96c913ab49ad85d0717651b20cd4e2279faccb05afaef2ff3b8103
d0a772f347241040863bd872f82e51cb34e72e026c9e7b9ce5e44f25d4622c02
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2739074c737b8b5527d9f341f0d4e68b749cacce9a2968635068aa1968316e7
d2a7420ffc6a0b02d1d989f076c95a79ee0c52bf786b86ee02677ee0757636e5
d42fc95f685ddb8bdd9c1b1ec27464052f685f83bbd5a94fe015cf4f99e942f1
d492cd8e8226a63203ba8928c6420d77ce7250128a9d18c90a280cb281a96e40
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d697ea3fb5356f1689035dff4c72208896ec8cf85009fa7e2ac5a2e15176c2d4
d6eefc305cf3e7a6b7281a71f3fafdecb4a2b4ae8fd308e4b658b3769bfa2ddb
d781bb8800ce7a95168ca8e02a9e9f7c18382aa832a8ba222ad82a73ffa73759
d8c1cd30b8d688d8c55a18a8c18a83e91872d8ef631c9c8cb467bd099238fcf1
d8cbb49988a56784ee9f663b0532681cf2461c3639bec4daf6afbce17134ca86
d8fdba110698b80c64643c92afd47a6bc220388ee25114cf7d38e6f5512dc1f6
d9980bc795c9f415a9697312eb2c0d1e3766b5e6fa1b19bf90a9bb3c1ebe6fd5
ddf6d0c217b463bc84d3d06da179b5f4baf2c0e4f5a91c91256c1876df061717
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e30e037d864c8a2bc7e75eb1cdf90efa59898cedd3ffe018359f723abbc726e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c7f9e59a4121d3449564fa285e3cbb43a43723c0d26960a1d1ea48584f2c6
e558e197babb8be50c98588d500ae5d1457ca6b869710ae8f1ca59c5ac9d16e3
e5675452dc9ac36e7b2594cc44e5b30079928c22c1762c91317fefeff2430b86
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e671a23d261e09556825dabab0e054ffc7e62de9ea7f3f1f40761dff71a8fe30
e7bd96688cbb98c39cc3c0dc22f09cbfd22d353d77b651ebc255cfaedfecdbc5
e95f4e8b7b843145c1837465f4039c8bf4a245fdf260c531bc4d18a2e49ea172
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed4bac5582f43d046df75bf8a54871403d2c04bcc3a180845bf311b08bd09db3
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee29092e383c12ba4df6c360743cb8c2e76213b44b872a067153fc47b6a8b5cc
eea3c6f58a0d8b009c0e59cf907a46f4f782436c2442fcce0717b5a115754e7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef80da214ec4a7d1a936ca301649b300964f804a8e1724ef201572fc1525015b
f11a4507af103eaad21fc2dc0e52aed1f366af694eb48e54590f10880b79adca
f2585a718d4741b9fefda50ee5af2a53aa6eb2072430b7a32344c6e871f9643f
f652d0e25c390489c96f8b617fcf6a3b188f3b5206c0e932133750dfe03df7f8
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f785107fc4d43250eca27c1062ba15fe41fd228d06b1fa93fe704aa936826d7e
f7cb3ea3206fe5d7b1f6081ff466c74757ba469a9d635d1ec742f09a0421087a
f9b56ca02e641f4f395f9d5daccb43384a359f79fd0034a504c0c07b4b661093
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb56925c744b035b3949d28e0d9ba6ffb7f3de3478719efc82fa8c242eebf552
fbd9397e250004ffe02f1429439158659e46f8f0523838525b8fe0877ece2b07
fc30930dda0f7336328eb4208d0ee73e77566ff45a683789ba7c5a894ebb76c5

www.14news.com Open in urlscan Pro 2a02:26f0:480:f::213:7ec8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

348 Requests

90 %HTTPS

41 %IPv6

60 Domains

104 Subdomains

72 IPs

8 Countries

5165 kBTransfer

14028 kBSize

62 Cookies

48 Outgoing links

Page URL History

Redirected requests

348 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.14news.com Open in urlscan Pro
2a02:26f0:480:f::213:7ec8 Public Scan

Screenshot
Live screenshot

Full Image

348
Requests

90 %
HTTPS

41 %
IPv6

60
Domains

104
Subdomains

72
IPs

8
Countries

5165 kB
Transfer

14028 kB
Size

62
Cookies

348 HTTP transactions
4 data transactions